Service Accounts in SailPoint Use Cases

Which IIQ version are you inquiring about?

Version 8.2

Share all details related to your problem, including any error messages you may have received.

We are exploring adding Service Accounts into our SailPoint environment. I am looking for more use cases for having service accounts in SailPoint. Can anyone share how you use service accounts in SailPoint today and some use cases for this?

Hi @Alyson_Trad

https://community.sailpoint.com/t5/Crash-Courses/Crash-Course-Best-Practices-to-Manage-Service-Accounts-in/ba-p/210274

This one also:

https://community.sailpoint.com/t5/Technical-White-Papers/Service-Accounts-Best-Practices/ta-p/74286


Hi @Alyson_Trad ,

We have had service accounts (and on-call/bot/test accounts) in our IIQ environment for about eight years.

Our use cases are:

  1. Setting ownership on each account. When an owner moves areas or leaves the company, we have an automated process that gets the reassignment of ownership started.
  2. Creating new accounts. We have a Quicklink form that can be filled out to create a new service account. After approvals are gathered, the account is automatically provisioned. Also, the account is automatically added to a selected safe in our Password Vault solution (using the PAM module).
  3. Deleting service accounts. Similar to the creation form, we have a deletion form.
  4. Allowing for access requests. Service accounts can have access requested for them in Manage Access, just like any other account.

There are probably other use cases, but those are the main ones I can think of. Let me know if you have any questions.


Hey Alyson,

What I've done at a number of clients that had service accounts was to create it as an Identity of type “Service Account”.
We then used the Administrator and Manager fields to relate it to an existing user Identity.
Also, on every application we correlated the accounts with their correct identity; in some cases we had accounts with the same username in multiple applications.
We then created an LCM for these accounts, and a type of “Certification” where the administrator had to ensure that the account was still in use.

There are a lot of different approaches, but treating it as an Identity helps a lot.

best!
