Hi
When certification is signed off by the reviewer, SailPoint performs the actions based on the reviewer’s decision. If any of the actions like revoking access or entitlement failed, how can we trigger notification or capture the failed actions or re process the failed actions automatically after few seconds?
Thanks in advance.
the clean way to notify/capture failed “revoke” actions from certifications is to listen to Provisioning Completed (not “Certification Signed Off”).
Certification Signed Off only tells you the certification moved to End (it does not carry provisioning success/failure details).
Provisioning Completed fires after ISC provisions, and provisioning events occur in Certification, so it’s the right trigger to detect failed revokes and notify.
recommended pattern
1. Create a Workflow or Webhook subscription on Provisioning Completed.
2. Add a trigger filter to only fire on failures, for example:
$[?($.errors.length() > 0)]
3. In the workflow, send email / Slack / ServiceNow ticket including fields from the trigger payload like trackingNumber, sources, recipient, errors, and accountRequests (so you know exactly what failed).
Certifications only provision removal for access acquired through Access Request. Certifications cannot revoke access acquired via role membership or lifecycle changes—so if the item is role/lifecycle-driven, remediation won’t work (or will be re-granted).
For “auto reprocess after a few seconds”:
ISC doesn’t provide a native “retry in seconds” for certification remediation. If you truly need auto-retry, implement it inside the workflow (e.g., Wait, re-check access still exists, then re-attempt via your remediation process / ticketing).
If that solution work for you mark as solution
To close the issue
Amr