The user invitation email should be sent first to the HR group email. or HR group email to add in CC. (without using workflow since it is not available). then,
HR will forward to the personal email of the user for registration. (The personal email is not stored in the authoritative source).
Current Setup:
Work email: [blank, IDN to generate unique email]
Alternate email address: HR email
I am using AD pass-through authentication. I have configured the invitation method to send emails to an alternate email (where the predefined email is the HR email). Additionally, I have changed the Registration Now URL to the Forgot Password link. This change was necessary because using the default Registration Now URL does not synchronize the nominated password with the SAP S/4 HANA account. However, using the Forgot Password link ensures synchronization with all associated accounts.
How can the user register in SailPoint after receiving the forwarded email from HR and receive the verification code on their personal email?
The problem with the approach is that you have to get the personal email into SailPoint in order for the code to be sent or the user is going to have to activate their account in HR where someone can retrieve the code.
Does the authoritative source have a personal phone number? Could that be used for the code?
The only other option that I can think of is to create a file source that HR will maintain in SailPoint with the personal email addresses of the new employee.
If I use the user’s personal email address to receive the code,
is there a way for HR to be notified that a user is already registered in SailPoint?
Or how do I CC HR in the User Invitation Email Template?
Without having workflows, you might be able to come up with a process that uses multiple lifecycle states. When the user Identity is created, send the invitation to the personal email which is HR. Put the user in a lifecycle state like “Activation” Have HR update the personal email. Then have HR forward the invitation. Once the user has “activated” their ISC account, move the lifecycle state to “Active”. Then you could use the lifecycle state change email to notify HR.
