Hi,
I am in the process of setting up a query to generate a report of terminated users from the past week, which I intend to send to a distribution list. However, I have observed that users will need report-admin or general admin access to download the report from the email link provided.
Could you please confirm if this is the expected behavior or a limitation within IdentityNow? Any guidance you can provide would be greatly appreciated.
Hi,
You can create a governance group and send email from search subscription. Below is the user access matrix of ISC.
-Abhinov
In order to set up a saved search to a distribution list, you will need to create an identity that has the distribution list as its email source. However, unless you assign a password that you share with the users so they can login as the “service” identity, they will not see the search and will not be able to access the report. You can share reports though to multiple individuals.
When running a saved search, by default only a link or a summary is provided in the email. If the user needs to see the results in ISC, they will need to have one of the following roles:
The results are not normally included in email as a security measure. However, if you look at the search subscription template, it is possible to include the detailed results:
Search Subscription Notification Email Template - SailPoint Identity Services
To prevent large emails/sensitive emails for other searches from being included in email, I would use the variable ${searchName} to limit the full output just to the termination report.
Basically the ask is to send a weekly report to a bunch of people. If I understand this right, We can create a governance group and add the respective users to the group and grab them the report Admin access atleast so that they will be able to access the data !!
