Hey Guys,
We got a requirement in ISC in which we need to make a custom form for the users whose lastname or firstname got changed and now they want to change their email address on the basis of their name change. May i know how can we achieve this if someone has already done it in ISC. What should be the required fields? and can we attach a rule in the workflow that will validate and create the new user email addres?
is the HR feeds name change or you need to take input through form for name change?
from form itself we need to take input user will put his last name or first name change in form
I am working on same’
We cannot overwrite Authoritative Source Data
but suppose the hr data is also changing the last name then ?
you can achieve if hr changes the last name
how can u pls tell the solutionz?
please refer these Name Change Trigger - Identity Security Cloud (ISC) / ISC Discussion and Questions - SailPoint Developer Community
Hello @Rakesh_Singh_1234,
There are few questions I have.
I have already executed the Name Change approach through option-1 which is completely automated and do not require any forms. Also, I have written couple of articles on Option - 1 which you can refer.
Design of Automated Name Change –>
How to perform the above implementation technically in SailPoint ISC?
Let me know in case you have any queries.
what about 1st point can we achiuve through launchpad?
Yes, you can also achieve it through Launghpad.
I don’t have the exact logic for Form and Workflow but above is the way you can achieve at high level.
Hi @Rakesh_Singh_1234
We can achieve your use case through forms and workflows. I used this forms and workflows for the Cloning access of one user account to another account.
but how in workflow we can create a logic that validates the email in existinmg email for uniqueness chk and create a new mail when lastname or firstname changes for the user?
just want know is this your scenario: 1) name changes first or last that update taken through form
In my view, to update the email address, you will need a temporary source to be created that can hold the updated last name and first name via form.
So when you make changes via form and update first name, the workflow should make POST Request to /accounts endpoint and update the last name and first name provided in the form for this temptorary source.
Then in identity profile, you will need to have a transform where you can use firstValid transform to first check if there is a value for this user in this source for firstName and LastName and if it is found, then it should get the priority so the first name and last name gets updated on identity level.
The benefit of this approach will be that identity attribute will get updated and i am assuming that you have attribute sync enabled for givenName and familyName attributes for the source where you are generating the email address usually Active directory.
This will lead to triggering of attribute sync for this account where you can either use before provisioning rule or update provisioning policy to intercept these changes and then apply the uniqueness check on email change.
I think this should solve the issue but please note that the temporary source you have created previously should be used for temporary purpose and once the data is updated in real authoritative source, you should delete this user from this source ensuring that the user then gets referred from real-authoritative source.
I hope this helps, if you any questions , please let me know.
Regards
Vikas.
yes like user will put the name and lastname change in form and then accorindgly email shud me geenrated