Report showing detected IT roles which are not allow by a Business role

Which IIQ version are you inquiring about?

Version 8.3

Share all details related to your problem, including any error messages you may have received.

Is there any report showing detected IT roles which are not allow by a Business role? Or does anyone have an example of the same?

At one of our customers we want to have a report showing the entitlements managed by IIQ through IT roles which are set on the application outside of IIQ (manually by an application administrator).

– Remold

1 Like

Hi @Remold
If I have understood the requirement correctly, then it is to obtain a report that includes all identities with IT roles that have not been assigned through business roles.
Our requirements were similar, therefore we customized the “User Details Report” OOTB report and added this script to one of the columns.

 import sailpoint.object.Identity;
 import sailpoint.object.Bundle;

 Identity identityObject = context.getObjectByName(Identity.class, value);
 List detectedRoles = identityObject.getBundles();
 List assignedRoles = identityObject.getAssignedRoles();

 List detectedRoleOutSideOfAssignedroles = new ArrayList();

 if (detectedRoles == null || detectedRoles.size() == 0) return "Detected Role Not Found";

 if (assignedRoles == null || assignedRoles.size() == 0) {
     // It means all IT roles are not assigned through business roles
     for (Bundle detectedRole: detectedRoles) {
     return detectedRoleOutSideOfAssignedroles;

 if (detectedRoles != null & amp; & amp; detectedRoles.size() > 0) {
     for (Bundle detectedRole: detectedRoles) {
         if (assignedRoles != null & amp; & amp; assignedRoles.size() > 0) {
             for (Bundle assignedRole: assignedRoles) {
                 if (!assignedRole.requires(detectedRole)) {
     if (detectedRoleOutSideOfAssignedroles.size() == 0) {
         return "All detected roles are assigned through business roles";
     } else return detectedRoleOutSideOfAssignedroles;

Thanks, I will try it this week :slight_smile:

— Remold


This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.