Which IIQ version are you inquiring about?
8.4
Share all details about your problem, including any error messages you may have received.
We have SAP GRC integration with Risk Analysis mode enabled, and SailPoint will handle provisioning based on SAP GRC mitigation response. When we implement SAP GRC as same system for integration and SoD policy check, (With same name for connector and risk initialization system), this works fine as per configuration.
When we try for “Cross System GRC” function configuration as mentioned in documentation, we see it is not working.
In “GracIdmRiskWoutNoServices” webservice call, we need different value for Connector to define SAP GRC scope. For other webservice “GracIdmUsrAccsReqServices” call , we need different connector value. Is it possible two have different connector name?
If yes, how to achieve this through implementation?
Or it is not at all possible to have two different values for “Connector” variable on these two different webservice call.
As confirmed by SailPoint IIQ product team, the SailPoint documentation on SAP GRC configuration for cross-system is incorrect - Configuring Risk Management for Provisioning Through SailPoint
In their own words, SailPoint do not support “cross system SoD checks” invocation in SAP GRC system in SAP integration option “Risk Analysis”:
We understand from the documentation that this feature has undergone changes to streamline SAP GRC access request provisioning, which is in line with the needs of the majority of SAP GRC customers. However, we are aware that this shift now means there is no Out-of-the-Box (OOTB) support for Risk Management related to cross-application Segregation of Duties (SoD) checks.
Although previous documentation suggested the availability of this feature, we understand that the complexities involved in integrating cross-application SoD checks in the OOTB version make it unsupported at this time. We regret any inconvenience this may cause.
While, there may be few options on only available integration mode “Access Management” for SAP GRC instance, that might or might not support Risk Management related to cross-application Segregation of Duties (SoD) checks.
Thanks for sharing the update.