Exclusion Rule Implementation in Targeted Certification

Hello,

I’m currently working on implementing exclusion rule within “Targeted Certification” in SailPoint IIQ. However, I’ve encountered a few challenges and would appreciate any guidance or advice.

Current Situation:

• Targeted Certification does not have an explicit Exclusion Rule option in the UI, so we attempted to implement it via the debug page.
• However, we are facing an issue where the “input arguments” (items) are returning as null, which is preventing us from validating and excluding items as needed.

Our Goal:

We want to “exclude entitlement owners” from the certification process to avoid potential self-certification violations.

Background:

• Initially, we implemented this via “Entitlement Owner Certification”, but our clients are uncomfortable with the way access reviews are grouped based on applications.
• Therefore, we decided to try the “Targeted Certification” approach.

Any insights or suggestions would be greatly appreciated!

Thank you in advance.

Hi Lohith,
You have to use the rule configuration and configure a cusotm rule, which should exclude those entitltment owners using SailPoint API’s.

image1452×378 22.1 KB

image2554×440 32.9 KB

@LohithHarish It seems your requirmement is not exclude certification item rather your requirement is to exclude owner cert, You can write certifier rule for the same.
Note : There is some limitation as per item value , you can return one identity or workgroup.
It will help for some extant as you can achive it, if you want exclusion of entitlemnet i will suggest better use Extened attribute or classification and then filter in What do you want to certify? Tab.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.