Hello Everyone,
We’re working on a scenario in IdentityIQ where form fields may include special characters like < and >. When submitting the form, we receive a validation error:
“The field contains character(s) that are not allowed.”
This is observed even in fields where no <ValidationScript> is defined. We do have custom logic for checking special characters, but the validation for < and > appears to be triggered by internal or global rules, not our own.
Hello @rvaidya I suggest checking the validations by going to the Debug page and opening the Form object. Look for any rule attached to the specific field and, if possible, please share it here so we can help you further. You can also check under Global Settings → IdentityIQ Configurations → Miscellaneous for related settings
Yes, this behavior is expected in SailPoint IdentityIQ. Even if you don’t define a <ValidationScript>, certain characters like <, >, and & are restricted.
SailPoint IdentityIQ doesn’t manually validate these characters,it relies on Java XML parsers, which are strict by design. These parsers throw error immediately whenever they encounter these special characters.
That’s why direct use of <, >, or & breaks the XML parsing.
Instead, you need to use their escaped versions:
< → < > → > & → &
ex: suppose in a workflow XML you have: <Description>Check if value < 5</Description> < 5 is treated like a malformed tag.
