Preventive Policy to prevent users from requesting entitlements if they do not have the target account

IdentityIQ (IIQ) IIQ Discussion and Questions
, , , ,
1

Which IIQ version are you inquiring about?

8.4

Share all details about your problem, including any error messages you may have received.

We have a use case where accounts are created outside of IdentityIQ and our service account does not have permissions to create the account. This is just aggregated in.

We have deleted the provisioning policy form which results in the generic error message : “sailpoint.connector.ConnectorException: Exception occurred. Error message - Please provide all required fields”."
where users will face if they request for entitlements without the account.

I understand that we can create a preventive policy and set a customised message for this but I’m not able to find any option or direction which I can do this on which policy I should use.

Appreciate any advice on this.

Thank you!

2

Hi @infamous,

You can achieve this with an Advanced Policy. To create advanced policy, navigate to Setup → Policies → New Policy → Advanced Policy.

Please refer this article Advanced Policy Violation Rule