Hi everyone,
When a new user is created in an HRMS source, I want the Joiner lifecycle event to trigger automatically and provision accounts without running the Identity Refresh task.
Is this possible out of the box in IIQ? If not, what is the recommended approach (custom workflows, rules, or real-time triggers) to achieve this behavior?
Thank you.
Hello @vsuddala In IdentityIQ, Joiner events are triggered only after IIQ updates the identity data. You don’t need to run anything manually—by scheduling HRMS aggregation and Identity Refresh tasks, new users will be picked up automatically and provisioning will happen as expected, so please check the scheduled tasks configuration.
You can add refresh options such as processTriggers to the XML of your aggregation task.
Hi @vsuddala
As per understanding the answer is no, this is not possible out of the box through a single HRMS aggregation task alone.
By design, an Aggregation Task is responsible for pulling data and creating/updating the Identity Cube, while the Identity Refresh Task (with “Process Events” enabled) is the engine that evaluates lifecycle states and fires the Joiner event.
Hi @phodgdon
Are you indicating that this process trigger will execute events for each identity?
You have the ability to schedule a Refresh Job, which is an automated process.
The Aggregation Task is specifically structured to obtain data and support the formation or modification of the Identity Cube.
On the other hand, when the “Process Events” feature is enabled for the Identity Refresh Task, it functions as the tool that evaluates lifecycle statuses and initiates the Joiner event.
Therefore, we kindly request that you schedule the refresh job.
I think what Arava has mentioned is correct. Once the aggregation is done from your HRMS source, you need to schedule the refresh task with process events option as enabled, and other option as per the requirement. Without that any JML events can’t be triggered.
For any identity that is updated as part of the aggregation where the data is changing.
Out of the box, a single HRMS aggregation task cannot trigger the Joiner lifecycle event by itself. By design, the aggregation task only pulls data from the source and creates or updates the Identity Cube in IIQ. Lifecycle evaluation (Joiner, Mover, Leaver) does not happen during aggregation. The Identity Refresh task, specifically with “Process Events” enabled, is the component that evaluates lifecycle conditions and fires the Joiner event. Without running Identity Refresh (or an equivalent custom process), Joiner-based provisioning will not be triggered automatically.
Possible ways are:
We have a bunch of the refresh options set in our aggregation tasks. It’s not really documented, but does work.
We don’t normally run identity refresh tasks.