Hello,
Is there an event trigger available with the information of all revoked access after a certification campaign ended or signed off? Trying to handle the removal of access after a certification signed off using workflow.
Thanks
Mathew
so far we do not have that trigger. But you can have the following trigger to get information about campaign completion and certification sigoffs
Campaign Ended
Certification Signed Off
1 Like
There is no endpoint which will give you ALL revoked access after a campaign is signed off, but if you need to take special actions for certification based revokes, consider a design which uses the provisioning complete trigger:
Additionally, consider going down the reports route with remediation status report if you are open to some scripting with PowerShell:
- Make an API call to get the campaign report ID:
get-campaign-reports | SailPoint Developer Community - Make another API call to get the CSV file:
get-report | SailPoint Developer Community - Use a PS Script to process the CSV file and take necessary actions.
You can leverage the PowerShell SDK for this to offload the heavy lifting of the API setup.
1 Like
Why are you trying to use a workflow instead of standard OOB functionality?
I think the closest you’ll get is the “Certification Signed Off” trigger. Then you’d need to do some search or API calls to get the revoked access. But, since revoking access in a campaign automatically creates requests to remove access, I go back to my initial question of what actual requirement is driving this?
1 Like