Exclude Business Roles from Event Certification

Which IIQ version are you inquiring about?

Version 8.2

Share all details related to your problem, including any error messages you may have received.

I have set up a certification event for job code changes. I noticed when a review gets kicked off all roles are included even the birthright/business roles. I am trying to find a way to exclude the business roles out of the certification. I saw that there is an exclusion rule that can be created. Does anyone have any examples on how this rule should look or faced a similar situation. Also is there another way outside of the exclusion rule to handle this? T

Hi @cdavis132 ,

for excluding any item from certification i believe certification rule is only way. you need to look for the role name which you want to exclude and remove it from item object and then add it to itemToRemove Object and return Explanation. Try below code, this might give some error as i have written it on fly as not yet tested. But the concept is true:

import sailpoint.object.*;
import java.util.Iterator;
import sailpoint.object.Attributes;
import org.apache.log4j.Logger;

 System.out.println("Entering Exclusion Rule.");
 String explanation = "";
  System.out.println("------Items are------"+items);

  boolean exclude = false;

  Iterator it = items.iterator();

  while (it.hasNext())


    Certifiable certifiable = it.next();

    System.out.println("-------Certifiable are--------"+certifiable);
    Bundle role = null;
    if(certifiable instanceof Bundle)
      role = (Bundle)certifiable;
      System.out.println("---------Entitlements are-----"+ents);

    if(null != role)
		String roleName = role.getName();
		System.out.println("-----Role Name are--------"+roleName);


        if (roleName.equalsIgnoreCase("role to remove")


          System.out.println("-------Role to exclude is------"+roleName);




		  explanation = "Not certifying birthright roles";




  return explanation;
1 Like

I will test this out in our lower environment and let you know the results thanks.

For future reference check out the document titled “Rules in IdentityIQ”, the document may be old but it still stands true. The document is for IIQ version 7.2 version. I have attached a copy that I have here in my replies

Rules in IdentityIQ 7.2.pdf (2.0 MB)


This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.