Native Change Detection Configuration

Which IIQ version are you inquiring about?

8.3

Please share any images or screenshots, if relevant.

[Please insert images here, otherwise delete this section]

Please share any other relevant files that may be required (for example, logs).

[Please insert files here, otherwise delete this section]

Share all details about your problem, including any error messages you may have received.

I’m planning the roll-out of NCD for IT Services already onboarded to IIQ. I’m wanting to separate the NCD events based on the identity type. For example, if an additional entitlement is found for a human, then I want IIQ to remove. If an additional entitlement is found for a non-human, then I want IIQ to send a certification for review. Does this functionality exist out of the box?

Further, are there any thresholds that can be configured so that NCD doesn’t remove a mass amount of access all at one time? For example, if more than a certain % of entitlements are being detected can I configure IIQ to not automatically revoke them?

Hi @SKingston,

About this you can condifigure a WF into the identity trigger Native Change type and there you can define different behavior for different type of identity.

It’s simple - just create 2 different lifecycle events for native change detection

For example for Human ID

image1441×651 34.5 KB

and for Non-Human ID

image1466×609 34.4 KB

Out of the box you have to native change workflows to handle this events

• Lifecycle Event - Manager Approval for all native changes
• Lifecycle Event - Email manager for all native changes

They generaly do what is stated in their name - if you want different behaviour than you need to make your own workflows.

For certification you can use CertificationEvent to trigger certification on native change

image1811×748 40.7 KB

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.