Role removal from Identity Cube

IdentityIQ (IIQ) IIQ Discussion and Questions
, ,
1

Which IIQ version are you inquiring about?

Version 8.4

Share all details related to your problem, including any error messages you may have received.

Hello,

We need to change the composition of many business roles based on new requirement. We were testing this scenario when an IT role is removed from the business role composition, users who are requesting for newly modified role are getting roles correctly. But users who already had the business role, the IT role which was removed from the business role is still present in the user’s identity cube. Even after refresh identity task and perform maintenance task, there is no change.

Is there way for us to update the roles in the identity cube?

Thanks in Advance!

2

Hi @BertJohnson ,

Welcome to the Developer community!

I suggest you run the propagate role changes task first then>Refresh Identities

Refer to this doc:

https://documentation.sailpoint.com/identityiq/help/rolemgmt/propagating_role_changes.html#:~:text=Follow%20these%20steps%20to%20configure,the%20composition%20of%20any%20role

Please let me know if this works for you and mark this reply as a solution :slight_smile:

2 Likes
3

Hello @BertJohnson

Yes it is possible for you update role composition of business role in Identity Cube. You need to enable before change in composition " Allow propagation of role changes" in global setting> IdentityIQ congifuration> Roles

image
image1911×861 40.8 KB

After that, run Propagate role change task

image
image474×578 15.6 KB

This should fix your issue

4 Likes
4

Thanks, I will test this :slight_smile: @703hardik @BalajiChandrasekaran

1 Like
5

Hey @BertJohnson ,

just checking in to see if the solution works or should we think of something else…

1 Like