We have 5 identity profile from 5 auth sources in our project, transfer of users among the auth source is one of the use cases. Application doesn’t have specific flag which will indicate transfer happened. Because of this we end up having 2 active identity profile, if the Auth source 1 is having high precedence though transfer happened to auth source identity attributes having values of auth source 1.
Can you please suggest how it can be handled in SailPoint ISC any native way is available like setting lifecycle state
If I understand this correctly, you want to be able to have users move between identity profiles backwards. ie from higher to lower priority, whilst staying in both sources?
The only way that I know that this can happens is if they user gets deleted from the higher profile, otherwise that one will always take precedence.
Agreeing to Phil’s suggestion , if your lifecycle state is inactive long term where delete account is supported then this can happen as per the priority.
Thanks for your response, We don’t want user to move between identity profile, when user is transferred from auth source 1 to 2 the identity profile of auth source one should be removed from identity
If you feel like living on the bleeding edge…reach out to SailPoint, they have a Fusion Connector NG. That might suit your needs, maybe.
Specifically, you’re not using it for the deduplication feature, but you’re using it in " Authoritative source mode, so you can merge the data (instead of removing the account and losing data / history / traceability).
Yes that’s correct , when the user is getting transferred data is coming from both sources, we need to delete the old one how to do it any inbuilt process? Please suggest.
If go with priority in 5 auth source , user can transfer from highest priority to lowest also so how to sort that out..
