We are working on SailPoint IdentityIQ 8.3, and we have a requirement to track entitlement revocation details at the Identity level.
Currently, under: Identity → Events tab → Access Requests, we can see request-level information such as:
Operation (e.g., Disable)
Application
Approval Status
Provisioning Status
However, we are not able to see which specific entitlement(s) were revoked for the user.
Requirement:
We want to display detailed entitlement-level information (e.g., entitlement name/value) in the Identity → Events tab, specifically for revoke/remove operations.
@Viraj You can write a before and after provisioning rule to log an audit event for action=identityLifeCycleEvent.. this will make an entry in the Events section. Also, you should be able to see the revocation details in History tab as well.
Access Requests section is only for Access Request raise for the user.
Or if we this is a common requirement across all apps for remove requests through LCM, you can generate the audit event in the LCM workflow itself after provisioning step.
It is disable request, i believe there are no entitlements inside to show.
Even if there is an item/entitlement inside, the expected columns — Item and Value, which display entitlement details, are not shown for the Manage Accounts request type. Incase of other request type for ex Request Access you can see those columns.
Adding to this, you can see the certification revocation details in History tab under Identity Certification History.
There are by default audit events already created when an entitlement is revoked.
You should not try to customize the OOTB Ui, its not recommended.
Probably you can think of building a custom form/ plugin to show the details separately. would recommend not to modify the OOTB UI.
