cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Identity Security Cloud Governance Connector

Identity Security Cloud Governance Connector

The SailPoint Identity Security Cloud Governance (SaaS) connector provides a deep level of governance and access management capabilities for the Identities present within the Identity Security Cloud tenant. 

It manages Identities as accounts, and user levels (permissions), roles and governance groups as entitlements. In case, you are already using some custom solutions to achieve this, then you might have know the use cases as a loopback or management connector. 

Support Level: SailPoint Delivered

This SaaS Connector is developed by SailPoint's Engineering team and supported under the annual SailPoint support and maintenance. Reach out to SailPoint support for assistance.

 

Supported Use Cases

  • Account Management 
    • Manages Identity Security Cloud Identities as Accounts
    • Aggregate and Refresh Accounts
    • Full Account Aggregation
    • Single Account Aggregation
    • Account Aggregation Filters
    • Create Accounts
    • Enable/Disable Accounts
    • Add or Remove Entitlements

  • Entitlement Management
    • Manages Identity Security Cloud Roles, Governance Groups and User levels (Permissions) as Entitlements
    • Aggregation
    • Entitlement Aggregation Filters 

NOTE -

  • Identity Security Cloud Roles are not a part of the default schema and you can add it in the account and entitlement schema based on your requirement and use cases. 

Related Documentation

 

Out of the Box Availability 

SailPoint is offering this connector on the new SaaS Connectivity Platform for Identity Security Cloud. Connectors running on this new platform do not require a virtual appliance.

 

Comments

i may be to quick but the documentation link i am getting a 403.

@410sean it literally says "(COMING SOON)

Hi @410sean and @garbot, I am pleased to update you that it is now LIVE! 

Hi @dinesh_mishra is it correct to conclude that this feature was built with the assumption that administrator use their HR identities to perform actions higher than an end user and not a separate identity?

hi @dinesh_mishra 
Thank you for delivering this connector! It was highly expected.
Though, I'm not sure to understand the use case for aggregating the roles defined in ISC as entitlements. Could you share some light on this or point me to a documentation? Thanks!

Hi @AlexianeChesne

We considered the “Roles” based on the feedback from few of our customers where customer wants the visibility for the associated Roles as a part of the entitlements for the accounts.

I agree that it might not be required for everyone to manage roles as a part of this connector and it is ‘just in case’ kind of deal.

This is no longer an out-of-the-box attribute for newly created sources, so in case someone is interested; then can add it explicitly.

If you already created a source where it is appearing which is not required for your use cases and requirement, it can be removed from the account schema (Roles) and as well as from the Group attributes

Similarly, for other types of entitlements. We have some feedback where customer wants to manage only User Levels, so in that case they can keep only User Levels as entitlements. We tried to provide all the flexibilities within the same connector so that it can be easily configured based on the specific requirement.

Thanks! 

Hi @shailpatil1, there is no impact to any existing flows or processes. This connector solves the access request and access review process for Identities for the Identity Security Cloud permissions, privileges and groups.  

Administrator can review of the access and take the informed decisions for user levels (permissions), and governance groups. Thanks. 

Hi @dinesh_mishra, when will the new "launcher" entitlements be added?

Version history
Revision #:
4 of 4
Last update:
‎Jun 27, 2024 01:10 AM
Updated by:
 
Contributors