While doing certification campaign reviewer revokes access, in this case we are not receiving any notification if the revocation fails. How to achieve this notification part
Schedule a report for failed events using search technicalName:*REVOKE_FAILED
This has been solved in another thread: Notification on failed certification action - Identity Security Cloud (ISC) / ISC Discussion and Questions - SailPoint Developer Community
To sum it up:
-
Create a Workflow using the Provisioning Completed trigger.
-
Add a filter to ensure the workflow only fires for failed certification revokes. You can use a JSONPath filter like:
$[?($.errors.length() > 0)]- Or filter on action as certification and accountRequests.provisioningResult as failed.
- In the workflow, add an action to send an email, Slack notification, or create a ServiceNow ticket. You can include details from the trigger payload like trackingNumber, recipient, and errors so the manager knows exactly what failed.
Let me know if you have any questions or concerns on the approach.