Role removal from Identity Cube

Which IIQ version are you inquiring about?

Version 8.4

Share all details related to your problem, including any error messages you may have received.

Hello,

We need to change the composition of many business roles based on new requirement. We were testing this scenario when an IT role is removed from the business role composition, users who are requesting for newly modified role are getting roles correctly. But users who already had the business role, the IT role which was removed from the business role is still present in the user’s identity cube. Even after refresh identity task and perform maintenance task, there is no change.

Is there way for us to update the roles in the identity cube?

Thanks in Advance!

Hi @BertJohnson ,

Welcome to the Developer community!

I suggest you run the propagate role changes task first then>Refresh Identities

Refer to this doc:

https://documentation.sailpoint.com/identityiq/help/rolemgmt/propagating_role_changes.html#:~:text=Follow%20these%20steps%20to%20configure,the%20composition%20of%20any%20role

Please let me know if this works for you and mark this reply as a solution :slight_smile:

3 Likes

Hello @BertJohnson

Yes it is possible for you update role composition of business role in Identity Cube. You need to enable before change in composition " Allow propagation of role changes" in global setting> IdentityIQ congifuration> Roles

After that, run Propagate role change task

This should fix your issue

4 Likes

Thanks, I will test this :slight_smile: @703hardik @BalajiChandrasekaran

1 Like

Hey @BertJohnson ,

just checking in to see if the solution works or should we think of something else…

1 Like

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.