Copy access workflow

Hi Team,

I have a requirement where the user should be able to select the identities that have existing access to the application and then select the identity whom they want the access copied to.

This will be done via Launchpad. I need some input on how we can achieve this via a workflow, or whether this is even possible.

Hello @Deepanshu07

Yes, this is possible!

We need forms, to select these identities, and workflows, to copy the access.

Build a form:
Select Identity with Access (by searching for which identities have access to @(access.id:“access id”))
Select Identity which needs the above identity’s access (predefined identities)

Workflow
–>Interactive Trigger
–>Interactive Form
–>Get Access (By Identity of- Select Identity with Access)
–>Manage Access (Access to manage is the above Get Access output. Identities to get this access will be: Select Identity which needs the above identity’s access. Operation: Add Access)

Hope this is helpful!

Thanks
Sid

Does SailPoint have any OOTB functionality for this?

I’m sorry, I’m not following you?

Functionality that lets a user copy access from one user to another.

Hmm! I don’t think so, as there would be various user levels and it’s not a good practice to expose an identity’s access information to everyone.

You might have the proper business reasons for doing this, but I would immediately challenge such a requirement as it feels 180 degrees opposite of what you’re trying to accomplish with any IGA solution, like:

  1. keep a least privilege policy
  2. ensure common access is captured in (automatically assigned) roles

Of course the sentiment ‘I need to have the same access as my colleague’ might be correct, but then it needs to be tied to a team role that can be assigned in the proper ways, not just by copying someone else’s access; that is the way to overprovisioning access.
