ISC Community Toolbox


:spiral_notepad: Description This is the developer community’s open-source admin tool, providing additional admin capabilities and reporting not currently available in the Identity Security Cloud UI.
:balance_scale: Legal Agreement By using this CoLab item, you are agreeing to SailPoint’s Terms of Service for our developer community and open-source CoLab.
:hammer_and_wrench: Repository Link https://github.com/sailpoint-oss/isc-community-toolbox
:hospital: Supported by Community Developed

Overview

The ISC Community Toolbox is a desktop application with a collection of features in the Identity Security Cloud that haven’t yet made it into the UI. The ISC Community Toolbox is built using Electron and Sveltekit, and it is developed and maintained by the and the SailPoint Developer Relations team.

Requirements

The latest version of Windows, Mac, or Linux. This is a standalone installer and does not require any coding or development packages.

Guide

So, what can you do with the ISC Community Toolbox today? Below is a list of features, their descriptions, and what they can do, along with some screenshots.

:bangbang: All functionality. today for the ISC Community Toolbox is read-only, with the exception of the Courier tab, which allows you to make API calls.

Login

The login system is the same Oauth login system found in Identity Security Cloud, and offers the same Oauth flow and protections.

Homepage

The first thing you’ll see when you login to the ISC Community Toolbox is the homepage. Currently, the homepage has four items:

Identity Security Cloud Status

This is the official status of our platform, polled directly from status.sailpoint.com and will show you the latest status update. Clicking on this link will take you to status.sailpoint.com.

Tenant Links

This section just provides you fast links to common places you may want to navigate to in your tenant when doing common administration functions, so we simply provided those links for you here, for quick access.

Resources

Similar to tenant links, we know you may commonly visit external, SailPoint-owned resources, and so we’ve provided those links for you here, for quick access, as well.

Support

Last but not least, (again!), quick links to common support resources that you may reach out to after gleaning new information from your environment.

Sources Tab

The sources tab is very similar to the sources you would see in the Identity Security Cloud UI, but with additional data exposed for administrators, such as the Raw JSON objects of each source. The purpose of this tab is to make it easier for administrators to find relevant information about their sources (such as ID’s) when troubleshooting their environment, or having others (support, services, etc.) troubleshoot your environment.

Identities

The identities tab is very similar to the identities you would see in the Identity Security Cloud UI, but with additional data exposed for administrators, such as the Raw JSON objects of each identity. The purpose of this tab is to make it easier for administrators to find relevant information about their identities (such as ID’s) when troubleshooting their environment, or having others (support, services, etc.) troubleshoot your environment.

This tool also makes it much easier to view identity events for a given identity. This can be found under the Identities tab:

  • Click Open for your chosen identity
  • Scroll to the bottom of the identity page to see the identity events for that identity

Reports

The reports tab provides common queries that administrators may need to run to get an understanding of the health and posture of their Identity Security Cloud implementation. New reports can always be added to this section by requesting them here in the CoLab. You can find the current reports offered, below.

Source Account Create Error

This report will show all source accounts for which there is a create error associated with the source.

Inactive Identities with Access

This report will show all identities that are inactive but still have access in sources.

Missing Cloud Life Cycle State

This report will show all identities that are missing a cloud life cycle state.

Source Owner Configured

This report will show all sources and their configured owners.

Source Aggregations

This report will show all sources and their most recent aggregation events.

Courier

The courier tab makes it easy for you to run API calls without having to worry about managing authentication and authorization in a separate tool. This is especially useful when troubleshooting using the above tabs, and quick dropping down to the courier tab to make a remediation based on information learned above.

5 Likes

So happy to see this tool back online. It’s very useful.

1 Like

Actually the old tool you knew with this name is no more, but we are working on a new admin console with all new features :slight_smile:

3 Likes

The old tools source code is still around if you need it or would like to contribute. GitHub - jhyderjhyder/idn-admin-console: This tool is build to help the community to manage SailPoint IdentityNow (IDN).. But it’s exciting to see there is something officially being offered to the community.

2 Likes

Hi Jordan,
I am very excited for the new admin console, with all the new features!

Is there a page where we can keep track of the status or ETA of release?

1 Like

Hey Jason—this topic/page right here!

1 Like

Try as I might, my virus scanner (Mcafee) blocks this a few seconds after launching and deletes the files. Any thoughts?

Ed, I couldn’t run it either. I was trying the setup exe one.

1 Like

@LukeHagar @philip-ellis, tagging the developers themselves!

@edmarks @jrossicare,

We are working on code signing for this project, which should resolve the majority of these issues.

1 Like

@jordan_violet It appears that the links on the Github page to the releases and back to this page are broken.

1 Like

Hey Scott! All fixed!

Hi,
Instructions say

Go to the folder: ./Sveltekit-App First, run this command:
npm install

I dont see Sveltekit-App folder, or Electron-App folder.

I am not sure what I am doing wrong. Thanks.

1 Like

Hey Jason,

Sorry about that—it looks like we had some old docs on the GitHub repo :sweat:

I’ve removed those old docs, and you can find the docs here now:

1 Like

I have another question :slight_smile:

Why does it use username and password, and not PAT (Client ID + Secret)?

Thanks

1 Like

Hey Jason,

To make sure I understand, are you asking why it uses an OAuth flow to take you to your login rather than letting you enter in a PAT to run the tool?

Hi Jordan, Yes.

We have a ‘remote Identity Provider’ enabled, for SSO to ISC, so no-one knows their ISC login credentials.

Also, I think with having an IdP enabled, the ISC Toolbox doesnt is just blank after the screen where you enter your tenant name. You dont even see the screen/page to enter username and password.

I have not confirmed this 100% by disabling Remote Identity Provider, but will try it out of hours so I do not affect others.

Ideally it would be an option, to choose PAT rather than OAuth flow. I was going to see if I could code that myself if I get some time.

@philip-ellis - a good use case for including PAT as an option!

Hello everyone,
I opened an incident on GIT because I can’t connect to the application, do you have other error cases in a similar case?
I also find it strange that the callback goes to IPV6 while all the other calls are in IPV4.
This tools seem very nice and I look forward to test it.