ISC Correlation issue after onboarding new HR Source

seasaurabh · December 29, 2024, 6:17pm

We have a use case where initially we have 2 HR systems - Employees are coming from Oracle and Contractors are coming from Azure and it was working perfectly fine. Now we have we have onboarded a new HR source - Workday with all Employee and Contractor data. This new source identity profile is the highest priority. We have tested this in Sandbox, and it was working fine. The correlation was happening based on employeeID which is 6-digit number. New identity profile getting updated.

Now during prod, all the employees which originally came from Oracle HCM that got correlated with Workday and new identity profile got tagged.

But for contractor there is data issue initially sent from them. Details :

Contractor employee id is usually start with 00 as 009923 but Workday just sent the numbers 9923 so it doesn’t get correlated and created a new profile. To fix this we did cleanup -

Deleted the all the application accounts
Deleted the new user from SailPoint ISC.

Then Workday updated all contractors employeeid to the correct value starting with 00. Now when we are trying to aggregate it’s not correlating to the existing identity with the same employeeid rather than creating a new identity. We verified all correlation rule, identity profile etc. there is no difference but still it is creating new one.

Let me know if anyone has faced this kind of issue. Any help is appreciated.

vasanthrajsp29 · December 29, 2024, 6:39pm

Hi @seasaurabh,

Welcome back to sailpoint developer community!!

You need to run full aggregation and it will fix the correlation issue.

Please refer this link Loading Account Data - SailPoint Identity Services

-Vasanth

pablonovoa · December 30, 2024, 8:05am

Hello,

Did you try to correlate by using a simple transform rule to trim all 0 values from left to right in the identity attribute?

Regards,
Pablo

mkumariaas · December 30, 2024, 12:56pm

@seasaurabh use full aggregation one more time , it iwll be correlated

GOKUL_ANANTH_M · December 30, 2024, 1:49pm

Hi @seasaurabh ,

Reset the source once and just, do an aggregation.

Or you can just do an unoptimized aggregation.

eabedrapo1 · December 30, 2024, 7:41pm

hi @seasaurabh,

Welcome to the community!

Just curious, do you have permissions to modify the user schema in Workday? If you do, can you set the “type” of employeeID to string, so when you import from Azure it doesn’t remove the trailing 0s?

If you cannot modify the schema in Workday or you already tried that and it didn’t work, another alternative would be to create a transform that applies “Left Pad” to the account attribute of the Workday source.

If that doesn’t work either, you could try some more complex configurations such as replacing trailing 0s by Xs in the Azure employeeID and aggregate from there to update the corresponding employeeIDs in SailPoint. Then import those IDs in Workday and then sync Workday with SailPoint.

I hope that helps!

Elisa.

lampard08 · December 31, 2024, 3:42am

have you by any chance changed (or just played around) the Account ID and Name mapping in the schema?

mehuljogi · January 2, 2025, 12:17pm

Hello @seasaurabh ,

Like most experts said, I would also recommend running non-optimized aggregation to solve the correlation problem.
Documentation also says that:

For running non-optimized aggregation try using the following API: import-accounts | SailPoint Developer Community

-Mehul

seasaurabh · January 3, 2025, 12:51am

Thanks all i had tried all and nothing works. We have working session with Sailpoint support as well but nothing comes out so as its prod we decide to fix manually.

Appreciate everyone time and suggestion.

mehuljogi · January 7, 2025, 3:01pm

Thanks for the update. Hopefully the SailPoint session will be able to resolve this issue. Let us know what you find.

-Mehul

system · March 8, 2025, 3:02pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.