Leveraging workflows for a fully native unique ID database

Description

Alex Dunker, Developer Community Expert Ambassador, will leverage delimited file sources, APIs, workflows, and other ISC features to create a unique ID database, fully native to ISC, without creating any additional infrastructure.

Additional Resources

Here is a copy of the workflow we used today.

3 Likes


Hi,
The import of the JSON does not work.

The trigger:
idn:source-account-created
does not exist in SailPoint. I think we can use the event trigger:
idn:native-change-account-created

Source account created is an early access trigger. You have to contact support to have it enabled in your tenant.

idn:source-account-created
does not exist in SailPoint. I think we can use the event trigger:
idn:native-change-account-created

This was actually built before the native change triggers were released - so we had to use the “Source Account Created” trigger, which years later is still considered early access. You should theoretically be able to shift things over - but you’ll need multiple triggers if you use Native Change Account Created - because that won’t track accounts that SailPoint itself creates.

Curious if you have a solution for renames within IdentityNow?

An additional workflow - but similar design - just monitoring for changes to the value instead of new accounts.

Follow-up: what if I also want to monitor for changes to proxyAddresses in AD and have this or another workflow get the values, but substring to just add the email address prefix before the @ symbol?

One thought I had was to create an identity attribute for the proxyAddresses attribute from AD and have a workflow trigger on that identity attribute, then use a similar workflow, but since proxyAddresses is multivalued I would need to loop those values. Also, in our case proxyAddresses doesn’t have the smtp: or other x500 values. They are just straight email addresses. But I’ll want to only record in the UIDB the email prefix. I think I can handle most of this but haven’t found a way to do the substring before calling the create account API.

Sorry, I think I just figured that part out using the Define Variable Operator.

I can get the email address within a loop, then use the Define Variable Operator, where I can use the Substring to the index of @.

Shout out to Harbor Pilot for building a test workflow to answer this for me.

Me again. Turns out the triggers all suggested aren’t in prod and can’t be turned on. Feels like you need to use 3-4 different workflows to detect new accounts created by SailPoint, renamed AD accounts, and accounts created directly in the source, that all then call another workflow that will create that account on the delimited source. Feels like the solution you had was simple as demo’d here, but over time SailPoint didn’t follow through and a lot of what is shown for the triggers in the demo won’t work.

Any way you can post an update to this video with updates to make it work with available triggers?

I think SailPoint has more recently changed how these triggers are made available - it would need more review because of that.