Hi All,
We have integrated SailPoint IdentityIQ (IIQ v8.4 p2) with ServiceNow ServiceDesk so that a ticket is created for all disconnected application provisioning operations.
I have a few questions regarding the closed-loop verification process:
Current Flow
-
When an entitlement for a disconnected application is requested, a ticket is created in ServiceNow.
-
The application team updates the ticket status to “Closed Complete.”
-
After running the “Perform Maintenance” task, the provisioning moves to the Committed state.
-
After running the “Perform Identity Request Maintenance” task, the provisioning moves to the Finished state and the overall request is marked as completed.
Issue Observed
-
It is not verifying the updated CSV file entries via account aggregation to confirm whether the entitlement has actually been assigned by the application team.
-
Additionally, as per the referenced documentation, we are not seeing the question mark (?) in the Account Name field under the Accounts tab.
Clarification Needed
-
How can we configure the disconnected application (including nativeIdentity, Provisioning Policy, and Schema) so that:
-
Closed-loop verification works correctly by validating updates from the CSV file via account aggregation.
-
The behavior aligns with the documentation (including the expected “?” indicator in account attributes).
-
Kindly provide guidance or best practices for configuring disconnected applications to achieve the expected behavior.
Thanks,
Vasanthi