IDN Identity attribute set only during identity creation

Identity Security Cloud (ISC) ISC Discussion and Questions
, ,
1

Hey all!

So, for those with IIQ experience I’m looking for an IDN solution to implement something like an Identity Creation Rule where I can create a unique identity attribute. This attribute will essentially contain a sequential number like 0012345, but I need to determine the highest value used and increment it, assign to the identity, then store that value someplace to be found for the next identity created.
the Identity Attribute Rule seems like something that might work however the documentation calls out this is not what it should be used for. Also, not sure where I can store the value of the highest ID generated.
In IIQ I’ve built this using either a custom object i can access, retrieve the value and increment back to the custom object. I’ve also done the same with a custom DB table in the IIQ database.
There does not seem to be a solution that I have found to generate a new unique identifier that meets my needs. The use case is we have multiple authoritative sources and we want IDN to generate is own unique identifier that will stay with that identity regardless of which authoritative source its data comes from.
Suggestions and alternate solutions welcome!!!
Thanks all

2

Hi @kirkkenton,

Here is a thought on how unique identifier can be maintained with multiple authoritative sources, not sure if this could be applicable in your scenario :

Say you have 3 auth sources A,B & C

Identify a unique value from each source, prefix A,B or C to it using transforms, so that you can eliminate the duplication scenario.

Unique ID can then look like A-123,B-123,C-123.

3

that absolutely could work but what I may not have mentioned is we need it to be a number like 0012345 as we already have this generated through a different service that is being deprecated and we need SailPoint to generate it now.
I’ve seen other posts where someone suggested a new jdbc source with this value but that doesn’t work as you’d have to aggregate that after the authoritative source to get the number. I have yet to find any class/methods in the java docs for IDN that even allow setting values on anything.
beginning to think this isn’t possible in idn where we can do this in iiq.

4

Hi @kirkkenton,

You may want to take a look at this: