Hi All,
We have around 20K Identities and we have a requirement to create new birth-right role which will create application account and assign specific role inside the application to existing 20K users. Target application is a WebService based application so we are checking the API limit.
However, we would like to know if there is any impact on SailPoint if it triggers create account/add entitlement operation for all 20K users or what are the best practices we need to follow in such scenarios
I don’t think there would be an issue as Account Provisioning in IDN is sequential, so there will be a delay in between provisionings.
I have done this earlier for around 6K users, I didn’t face any issue.
Maybe you can add extra condition department or location or some other attribute to process the users as a batch.
About 1.5 years ago I saw a demo with 100K identities and it had adverse impacts on the tenant. Things have obviously changed since then, but I agree with @KRM7 that doing it in smaller batches, at least to start, is probably a better approach to ensure it’s working EXACTLY as expected before turning it loose on 20K identities.