Github Teams management in sailpoint

Identity Security Cloud (ISC) ISC Discussion and Questions
,
1

Hi Team,

We are trying to Integrate Github with IDN. I am using Github connector. I observed we were able to add or remove users from teams and these Github teams are aggregated into SailPoint as groups. The issue I have is there are 700 active teams used in our Github now should i create 700 access profiles [which is not recommended by my company] for this or is there any other way? So the users can request the access profile from request center.

2

Realistically you can either

  1. Do what you mentioned and create 700 access profiles. This would likely involve setting up some automated process of keeping the access profiles up to date

  2. Have users request them as entitlements, which would mean you can’t group them under an application.

We’ve got a source with 964 Access Profiles for example, but automations for handling all of these were created before there was any functionality for requesting entitlements directly. It’d be a bit tricky to change everything after the fact now + access profiles have the added bonus of being grouped into applications.

1 Like
3

Hi @Ankitha09 !

If your goal is just to make these entitlements requestable, you don’t need to create access profiles, entitlements can be directly requestable in the request center.

4

I cannot make entitlements requestable, as the naming cannot be understood by the users requesting. Need them under application :smiling_face_with_tear:

5

Hey Marten,

As you mentioned “This would likely involve setting up some automated process of keeping the access profiles up to date”. Can you explain which automated process are you refering and how to do that :melting_face:

6

For managing a high number of Access Profiles and Roles, you can use the Bulk Role Import Tool:

IdentityNow Bulk Access Profile and Role Importer - Compass (sailpoint.com)

7

Hey Vincent,

Not able to install the tool u mentioned. I have unzipped the file but couldn’t install.

8

So it’s not a program you install, it’s a script you run using command prompt with Ruby installed. Read the documentation and follow the steps, if you have any issues post here.

9

Either something like the bulk role import tool Vincent shared or some other form of a scheduled script/application etc but it’s not something built into Sailpoint. Perhaps Sailpoint workflows could be leveraged but I haven’t looked into that.

10

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.