Certification custom logic

I recently worked on a use-case, I would like to check is there any other optimistic way to do.

Scenario:

1. As a part of mover workflow a certification will be generated to review the access.
2. If reviewer approve → nothing to do
3. If reviewer revoke → SNOW ticket to revoke access (default functionality) along with disabling of account (custom logic, set Active = No) should be created.

I opted for the certification Item completion Rule which will be executed for every cert Item completion, so that I can check the decision and modify the plan accordingly.

Flaw here is this rule will be executed for all application included in the certification.

Note: Since we using ServiceNow integration I couldn’t able to use application’s after provisioning rule
Current IIQ version: 8.3

Hi @GKovaradhan

Question: For which application this access review is ? Does it have direct provisioning or you create SNow ticket ?

Thanks
Krishna

Hi @GKovaradhan

Are you generating SNOW ticket to perform remediation action? If yes, then you can check if after provisioning rule on - IdentityIQ for ServiceNow ServiceDesk connection can be leveraged.

Thanks,
Pallavi

I have used before provisioning rules in similar cases to modify the plan action and open a snow ticket throug app specific before prov. rule.

Before provisioning rule is not triggered if the application is on-boarded using delimited file connector. So it depends on the type of application/connector.

I would handle that with integration config for app specific type if that’s your use case with .csv file

yes, that would also work.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.