Sailpoint IDN-Multiplexing

officialamitguptaa · September 5, 2025, 8:29am

IIQ-style “multiplexing” isn’t a feature of IdentityNow/ISC, so there’s no native knob that lets one source spawn many “virtual sources.” In ISC, a source = one connector instance. If you have one single delimited (CSV) feed and you want to expose multiple logical sources, you have three workable patterns:

What will / won’t work

Multiplexing (IIQ concept): Not available in ISC. (There’s even a community thread asking for an MCA-like option in ISC—answer: not today.) (Multi-connector Adaptor for ISC, Applications created via Multiplexing)
Flat-file “slices” per Source (recommended): Pre-split your CSV into per-app/per-domain files and create one Delimited File source per slice. Use the File Upload Utility (on VA or a build agent) to push each file. This is simple, scalable, and transparent. (SailPoint Documentation - Integrating Delimited File)
One CSV reused by multiple Sources + filters: You can point multiple Delimited File sources at the same schema and use each source’s Filter String to exclude non-matching rows (e.g., drop everything not for “AppA”). It works, but it’s easy to misconfigure and harder to debug. Prefer pre-split files when you can.
Avoid flat files if possible: If the upstream can expose an API, use a SaaS/Web-services/Custom (OpenConnector) approach and model each logical system as its own source. It’s cleaner than CSV gymnastics. (SailPoint Documentation - Implementing custom connector)

Two practical designs

A) Pre-split files (best practice)

Produce accounts_appA.csv, accounts_appB.csv, … from your single master feed.
Create one Delimited File source per app; download the source’s account/entitlement schema templates and keep them versioned. (SailPoint Documentation - Load Entitlements)
Upload via Identity Security Cloud File Upload Utility (schedule it). Keep each source’s delete threshold sane (e.g., 20–30%) to protect against bad drops. (SailPoint Documentation - Integrating Delimited File, developer.identitysoon.com)

Pros: Clear blast radius, simple troubleshooting, least surprise.
Cons: You maintain N files (usually automated in ETL/VA).

B) Reuse one CSV across “virtual” sources (okay, but be careful)

Create multiple Delimited File sources with identical columns.
In each source, set Filter String to exclude everything not belonging to that virtual slice (e.g., exclude rows where appCode!="APP_A" if your syntax supports it). The doc shows equality examples; test operators in your tenant first. (SailPoint Documentation - Additional settings - delimited app)
Upload the same file to each source (or let VA copy it to per-source inboxes).

Pros: Single master file.
Cons: Filter logic can be brittle; inclusion vs. exclusion semantics need testing; harder audits.

Implementation notes & pitfalls

Delimited specifics. Only single-character delimiters are supported (use \u0009 for tab). You can also set a group delimiter (for entitlement files) via source PATCH.
Authoritative vs. correlating. Keep one authoritative feed per identity profile. Make the rest correlating sources to avoid identity duplication.
Correlation & uniqueness. Ensure each source has a unique Account ID (e.g., accountId), and correlation rules match your HR key (email/employeeNumber).
Entitlements with flat file. Manage entitlement schemas/types per source and upload with the entitlement template; don’t mix unrelated app entitlements into one source unless they truly belong together.
Safety rails. Set deleteThreshold on each source, and test with small samples first.

Recommendation for your use case

If the goal is to create “virtual sources from one delimited feed,” choose A) Pre-split per virtual source, then automate with the File Upload Utility. Use filters only when splitting upstream is impossible.
Long-term, consider moving to API/SaaS connectors or a Custom OpenConnector so each logical system is its own first-class source with live aggregation/provisioning.

If you share a sample of your master CSV (headers + 5 rows) and how you want to partition it (e.g., by system, region, or env), I’ll give you:

the exact Filter String(s) (if you must use B), and
a tiny PowerShell/VA splitter that generates per-source CSVs (A).

Cheers!!!

Topic		Replies	Views
Why delimited application are not routed via Virtual Appliance? ISC Discussion and Questions identity-security-cloud	3	58	June 16, 2025
Delimited File SaaS Connector SaaS Connectors saas-connector , identity-security-cloud , community-developed	3	526	August 6, 2025
Delimited File Source operations via API ISC Discussion and Questions apis , identity-security-cloud	3	1000	July 19, 2023
Automate Delimited Source aggreagtion ISC Discussion and Questions identity-security-cloud , sources , developer-days-2025	4	75	February 18, 2026
Delimited File Connector - Complex Logic ISC Discussion and Questions identity-security-cloud , sources , isc-questions-and-answers	5	103	September 16, 2025