Guide to Provisioning

SailPoint's Provisioning service is designed to automate granting access to users, so they can have access to what they need, when they need it. Granting proper access for your users is a vital part of keeping your organization running smoothly and securely. But manually changing and tracking that access is difficult, time-consuming, and error prone. Automating this process reduces the time and effort required to maintain the security of your organization.

 

For details, see:

 

Overview

 

Provisioning helps you to:

  • Quickly and efficiently manage employees' access - Automatically grant your employees access as soon as they need it, ensuring minimal wait time and simplifying the onboarding process.
  • Monitor access to reduce the risk of insider threats - You can see what access is being granted every step of the way, so there's never any confusion about what's being given to a user or what they can access.
  • Improve productivity by ensuring access and automating manual processes - Our automated provisioning services ensure that your work gets done when it needs to, while decreasing the burden on IT.

 

IdentityNow allows you to effortlessly manage employees' access based on factors that affect what they're going to need - such as their hiring status within your company and their job's requirements. You can configure IdentityNow to track changes in any of these factors and adjust employees' access accordingly.

 

Administrators

 

Granting and revoking access on sources is easy with IdentityNow. By configuring lifecycle states and roles for your employees that represent the statuses and job functions in your company, you can ensure that users have access to what they need when they need it.

 

Lifecycle states give you the power to control what a user can access in each stage of employment. For example, new employees get the Pre-Hire lifecycle state, which grants them only limited access. On day one, the users become Active, and they get a full set of privileges. You can create as many lifecycle states as you need to reflect your organization's needs.

 

While lifecycle states correspond to broad sets of access, IdentityNow's roles oversee granular access. Roles are designed to correspond with individual job titles within your organization, so if any of your employees move departments or change jobs, you can adjust their access automatically.

 

Users

 

Most of the time, your users won't notice IdentityNow granting them access behind the scenes. However, they might notice an improvement in the amount of time it takes them to get what they need if their job title changes. The onboarding process might shorten as users are granted access automatically. And because IT is no longer caught up with manual efforts, they can answer users' questions and meet other needs faster.

 

Source Owners

 

Most of the time, IdentityNow can automatically grant and remove entitlements. However, when it can't, IdentityNow saves you time by creating a task for the owner of a source that tells them to create an account or edit entitlements on a source. This simplifies the process of granting accounts by giving source owners all of the information they need in a single place.

 

Documentation for Administrators

 

Configuring the Basics

 

IdentityNow Foundation Data

 

Get started in IdentityNow before you configure Provisioning.

 

Configure IdentityNow for Provisioning

 

Learn about the process of configuring Provisioning for your site.

 

Configure Sources to Support Provisioning

 

Decide which sources you'd like to provision to, and configure those sources for provisioning.

 

Preparing for Provisioning

 

Transform Data for Use on a Source

 

Find out more about transforms, which make changes to data coming from or going to a source, and can be used to create lifecycle states.

 

Generate Data Appropriate for a Source

 

Find out more about generators, which use data already in your system to generate data.

 

Edit the Create Profiles for your Sources

 

Determine how you'd like to provision accounts for each source.

 

Configuring Provisioning Data

 

Create Lifecycle States

 

Create and configure lifecycle states to provision accounts or create tasks for the source owner when a user's status changes.

 

Create Roles

 

Create and configure roles to change access or create tasks for the source owner when a user's job title changes.

 

Configure Account Sync

 

For some sources, you can automatically update data on a source on a scheduled basis.

 

Tracking Provisioning Data

 

View Provisioning Reports

 

Track your provisioning activity with audit reports.

 

Integrating with Service Desk Applications

 

ServiceNow SIM Integration

 

Configure your ServiceNow instance to generate tickets based on provisioning actions in IdentityNow with help from Expert Services.

 

Documentation for Source Owners

 

Completing Provisioning Tasks

 

Manually Provision Accounts and Entitlements

 

Complete the manual provisioning tasks in your Task Manager.

 

Troubleshooting Tasks

 

Solve Provisioning Problems

 

If your provisioning task doesn't have enough information, or if you're seeing an error, contact your administrator.

Labels (1)
Version history
Revision #:
2 of 2
Last update:
‎Nov 25, 2020 12:13 PM
Updated by:
 
Contributors