Manager Certification - Detected Roles and Assigned Roles

IdentityIQ (IIQ) IIQ Discussion and Questions
1

In Manager Certification,
If any Business roles are having 3 IT Detected Role and 1 IT Assigned Role .
When we create certification then we are seeing that separate access item got created for Business role and also for Assigned Role.
What is the expected behavior?[wrap=“hidden”]

Hidden Text

[/wrap]

2

@sbhagat bydefault it will pick all. either you can exclude roles from cert or you can use exclusion rule to handle IT roles Vs Business Roles.

Check some links :

For line manager certification we want to set up a exclusion rule which will detect underlying IT roles in business role and remove for certification - IdentityIQ (IIQ) / IIQ Discussion and Questions - SailPoint Developer Community

Certification Exclusion Rule - IdentityIQ (IIQ) / IIQ Community Knowledge Base - SailPoint Developer Community

let me know if you have any specific requirements.

Pravin

3

Issue it Manager Certification is taking only Assigned Roles but not the detected Roles.

4

Hello,

Is the detected role(which did not appear in cert) a part of Business role?

1 Like
5

YES, It is the part of Business roles.

6

I believe the IIQ behavior is it displays the business role(parent role) in the certification and not the child role if it is detected IT roles.

But it displays the Assigned IT roles even though it is a part of a business role.

You can certify the business role but cannot certify individual IT Roles(Detected) which are present inside them

7

You can use exclusion rule to handle the assigned business role

Refer this link:

2 Likes
8

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.