A policy violation refers to an identity violation based on access permissions. It gets evaluated during access requests, which we consider a preventive mechanism, as well as during identity refreshes, which are viewed as a detective mechanism. In general, you can determine whether a violation occurs based on access/roles, and you can also use account details through the ‘identity’ argument. However, you won’t get details directly from the identity request. Instead, use the ‘identity’ attribute, retrieve the actual identity through the context, and compare both to check for details related to password requests.
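
The comparison described above, as an added example that is not part of the original text. It assumes the platform is SailPoint IdentityIQ and is written as the BeanShell body of a policy rule that receives `context`, `identity`, `policy` and `constraint`. The two role names are hypothetical, and the check covers assigned roles only.

```java
// BeanShell body of a policy rule (assumption: SailPoint IdentityIQ).
// Inputs supplied by the policy engine: context, identity, policy, constraint.
import java.util.HashSet;
import java.util.Set;
import sailpoint.object.Bundle;
import sailpoint.object.Identity;
import sailpoint.object.PolicyViolation;

// Hypothetical role names, used only for illustration.
String HELD_ROLE = "Example Payment Requester";
String CONFLICTING_ROLE = "Example Payment Approver";

// Collect assigned role names from an Identity; tolerate missing lists.
Set roleNames(Identity id) {
    Set names = new HashSet();
    if (id != null && id.getAssignedRoles() != null) {
        for (Bundle b : id.getAssignedRoles()) {
            names.add(b.getName());
        }
    }
    return names;
}

// 'identity' argument: the state being evaluated. During an access request
// it is assumed to already include the requested access.
Set evaluated = roleNames(identity);

// The actual identity, loaded through the context: what is stored today.
Identity stored = context.getObjectByName(Identity.class, identity.getName());
Set current = roleNames(stored);

// Roles present only in the evaluated state are what the request would add.
Set added = new HashSet(evaluated);
added.removeAll(current);

PolicyViolation violation = null;
if (evaluated.contains(HELD_ROLE) && evaluated.contains(CONFLICTING_ROLE)) {
    violation = new PolicyViolation();
    violation.setActive(true);
    violation.setIdentity(identity);
    violation.setPolicy(policy);
    violation.setConstraint(constraint);
    violation.setStatus(PolicyViolation.Status.Open);
    // An empty 'added' set means the conflict is already stored, which is
    // the detective case found on identity refresh.
    violation.setDescription(added.isEmpty()
        ? "Existing role conflict found on refresh"
        : "Request would add conflicting role(s): " + added);
}
return violation;
```

Returning `null` means no violation. The description separates a conflict the request would introduce from one that already exists on the stored identity.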