Can we configure to send email to user’s manager when an Admin resets the password of a user in SailPoint ISC?
You might be able to build a workflow for this use case.
I would look at triggers:
Identity Attribute Changed
Source Account Updated
External Trigger
Native Change Account Updated
Then I would look at comparing the Actor to a list of Admins. Might have to make an API call to IDN to pull that list. Then loop over them to compare the string value to see if any match. I would then pull the user account and grab the manager then pull back the manager details to extract the email address of the manager. Then send the email to the manager.
Else do nothing.
The requirement here is if an admin resets any user’s password, the password reset email should go to that user’s manager and by default SailPoint sends it to the user’s email
I am not aware of a way to modify who an email goes to using the email templates. Looking at the Account Password Reset template I do not see the to or bcc as an item that can have values applied.
The only way I know how to get around this is using workflows. And you would just copy and paste the template in the send email call.
That’s correct, the OOTB email templates cannot have a custom “To” address as it is defaulted to be sent to the end user/identity.
Mark’s idea via workflows seems like a more reasonable approach to me. Continuing his logic, workflows give you the flexibility to fetch the identity’s manager details and use it in a “Send Email” step with the email body defined as per your requirement.
What trigger can be used to find which user’s password an admin is trying to change in SailPoint ISC?