Exclusion Rule Implementation in Targeted Certification

Hello,

I’m currently working on implementing exclusion rule within “Targeted Certification” in SailPoint IIQ. However, I’ve encountered a few challenges and would appreciate any guidance or advice.

Current Situation:

• Targeted Certification does not have an explicit Exclusion Rule option in the UI, so we attempted to implement it via the debug page.
• However, we are facing an issue where the “input arguments” (items) are returning as null, which is preventing us from validating and excluding items as needed.

Our Goal:

We want to “exclude entitlement owners” from the certification process to avoid potential self-certification violations.

Background:

• Initially, we implemented this via “Entitlement Owner Certification”, but our clients are uncomfortable with the way access reviews are grouped based on applications.
• Therefore, we decided to try the “Targeted Certification” approach.

Any insights or suggestions would be greatly appreciated!

Thank you in advance.

Hi Lohith,
You have to use the rule configuration and configure a cusotm rule, which should exclude those entitltment owners using SailPoint API’s.

image1452×378 22.1 KB

image2554×440 32.9 KB

@LohithHarish It seems your requirmement is not exclude certification item rather your requirement is to exclude owner cert, You can write certifier rule for the same.
Note : There is some limitation as per item value , you can return one identity or workgroup.
It will help for some extant as you can achive it, if you want exclusion of entitlemnet i will suggest better use Extened attribute or classification and then filter in What do you want to certify? Tab.