Event Triggers in SailPoint's Cloud Services
IdentityNow has a set of event triggers that you can configure to connect to webhooks in third-party systems. This feature is currently in Early Access.
Some triggers are available by default. You can request other triggers from a list.
- Available Event Triggers
- Event Trigger Details
- Configuring Subscriptions to Event Triggers in SailPoint's Cloud Services
- A familiarity with event triggers and webhooks
- Access to a third-party system with the ability to configure webhooks
Available Event Triggers
You can subscribe to the following triggers in SailPoint's cloud services by default, in both the API and UI:
- Identity Attribute Changed - One or more identity attributes were changed.
- Identity Created - An identity was created.
- Identity Deleted - An identity was deleted from IdentityNow, sometimes because their account on the authoritative source was removed or because their required attributes are no longer correctly filled.
- Scheduled Search - A scheduled search completed, and the results are available.
- Identity Aggregation Completed - An account aggregation completed, was terminated, or failed.
The following triggers can be enabled for your org in both the API and UI upon request:
- Access Request Decision - An access request was approved or denied.
- Access Request Submitted - An access request to add or remove access from a user was submitted.
- Provisioning Completed - A provisioning action completed on a source.
- Access Request Dynamic Approval - An access request to add or remove access from a user was submitted. This trigger adds an identity or governance group to the review process based on criteria you add.
Event Trigger Details
By clicking each event trigger, you can see details about the trigger that you'll need to configure the webhook.
- Trigger Name - The name of the trigger in SailPoint's cloud services.
- Trigger ID - The unique ID of the trigger.
- Description - A description of what causes the trigger to fire, sometimes with additional information.
- Type - Whether the trigger is a Fire and Forget trigger or a Response Required trigger.
- Input Schema - The schema of the JSON blob IdentityNow sends to the webhook. You can also see an Example Input.
- Output Schema - The schema of the JSON blob IdentityNow expects to be returned from a webhook for Response Required triggers. You can also see an Example Output.
Configuring Subscriptions to Event Triggers in SailPoint's Cloud Services
All event triggers can be configured using the API.IMPORTANT: Before configuring a subscription in IdentityNow, make sure you've configured the information the webhook needs to receive event triggers.
Complete the following steps:
1. Sign in to SailPoint's cloud services and go to the Admin interface.
2. Click Event Triggers.
A list of available triggers is displayed.
3. Click the Subscribe button beside a trigger to subscribe to it.
A Fire and Forget type trigger can have up to 50 subscriptions, and a Response Required trigger once.
4. Enter the following information for your subscription:
5. Click Save.
You can take several actions on the Subscriptions page.
Click the slider in the Enabled/Disabled column to change the status of the subscription.
Click the menu icon beside a subscription to do the following:
- Edit an existing subscription
- Delete that subscription
- View the Activity Log for that specific trigger
- Select Test Subscription to send a test of this trigger using mock data.
Click Activity Log in the left menu to see a complete list of activity for all subscriptions in your org.