Guide to Provisioning

SailPoint's Provisioning service is designed to automate granting access to users, so they can have access to what they need, when they need it. Granting proper access for your users is a vital part of keeping your organization running smoothly and securely. But manually changing and tracking that access is difficult, time-consuming, and error prone. Automating this process reduces the time and effort required to maintain the security of your organization.


For details, see:




Provisioning helps you to:

  • Quickly and efficiently manage employees' access - Automatically grant your employees access as soon as they need it, ensuring minimal wait time and simplifying the onboarding process.
  • Monitor access to reduce the risk of insider threats - You can see what access is being granted every step of the way, so there's never any confusion about what's being given to a user or what they can access.
  • Improve productivity by ensuring access and automating manual processes - Our automated provisioning services ensure that your work gets done when it needs to, while decreasing the burden on IT.


IdentityNow allows you to effortlessly manage employees' access based on factors that affect what they're going to need - such as their hiring status within your company and their job's requirements. You can configure IdentityNow to track changes in any of these factors and adjust employees' access accordingly.




Granting and revoking access on sources is easy with IdentityNow. By configuring lifecycle states and roles for your employees that represent the statuses and job functions in your company, you can ensure that users have access to what they need when they need it.


Lifecycle states give you the power to control what a user can access in each stage of employment. For example, new employees get the Pre-Hire lifecycle state, which grants them only limited access. On day one, the users become Active, and they get a full set of privileges. You can create as many lifecycle states as you need to reflect your organization's needs.


While lifecycle states correspond to broad sets of access, IdentityNow's roles oversee granular access. Roles are designed to correspond with individual job titles within your organization, so if any of your employees move departments or change jobs, you can adjust their access automatically.




Most of the time, your users won't notice IdentityNow granting them access behind the scenes. However, they might notice an improvement in the amount of time it takes them to get what they need if their job title changes. The onboarding process might shorten as users are granted access automatically. And because IT is no longer caught up with manual efforts, they can answer users' questions and meet other needs faster.


Source Owners


Most of the time, IdentityNow can automatically grant and remove entitlements. However, when it can't, IdentityNow saves you time by creating a task for the owner of a source that tells them to create an account or edit entitlements on a source. This simplifies the process of granting accounts by giving source owners all of the information they need in a single place.


Documentation for Administrators


Configuring the Basics


IdentityNow Foundation Data


Get started in IdentityNow before you configure Provisioning.


Configure IdentityNow for Provisioning


Learn about the process of configuring Provisioning for your site.


Configure Sources to Support Provisioning


Decide which sources you'd like to provision to, and configure those sources for provisioning.


Preparing for Provisioning


Transform Data for Use on a Source


Find out more about transforms, which make changes to data coming from or going to a source, and can be used to create lifecycle states.


Generate Data Appropriate for a Source


Find out more about generators, which use data already in your system to generate data.


Edit the Create Profiles for your Sources


Determine how you'd like to provision accounts for each source.


Configuring Provisioning Data


Create Lifecycle States


Create and configure lifecycle states to provision accounts or create tasks for the source owner when a user's status changes.


Create Roles


Create and configure roles to change access or create tasks for the source owner when a user's job title changes.


Configure Account Sync


For some sources, you can automatically update data on a source on a scheduled basis.


Tracking Provisioning Data


View Provisioning Reports


Track your provisioning activity with audit reports.


Integrating with Service Desk Applications


ServiceNow SIM Integration


Configure your ServiceNow instance to generate tickets based on provisioning actions in IdentityNow with help from Expert Services.


Documentation for Source Owners


Completing Provisioning Tasks


Manually Provision Accounts and Entitlements


Complete the manual provisioning tasks in your Task Manager.


Troubleshooting Tasks


Solve Provisioning Problems


If your provisioning task doesn't have enough information, or if you're seeing an error, contact your administrator.

Labels (1)
Version history
Revision #:
2 of 2
Last update:
‎Nov 25, 2020 12:13 PM
Updated by: