<Workflow name="TwoLevelRoleCompositionCertification" type="RoleCertification">
<description>
Two-level certification process for role composition, involving primary and secondary certifiers.
</description>
<!-- Variables -->
<variable name="campaignId" type="String"/>
<variable name="primaryCertifiers" type="List"/>
<variable name="secondaryCertifiers" type="List"/>
<variable name="certificationItems" type="List"/>
<!-- Start Step -->
<step name="StartCertification" type="start">
<inputs>
<arg name="campaignId" value="$campaignId"/>
</inputs>
<returns>
<arg name="primaryCertifiers" value="$primaryCertifiers"/>
</returns>
<transitions>
<transition name="toPrimaryCertifierReview" to="PrimaryCertifierReview"/>
</transitions>
</step>
<!-- Primary Certifier Review Step -->
<step name="PrimaryCertifierReview">
<assignment>
<dynamicAssignee>
<identity>
<id>$primaryCertifiers</id>
</identity>
</dynamicAssignee>
</assignment>
<notification>
<templateRef>certification/PrimaryCertifierNotification</templateRef>
</notification>
<task>
<certification>
<action>review</action>
<campaignId>$campaignId</campaignId>
</certification>
</task>
<returns>
<arg name="certificationItems" value="$certificationItems"/>
</returns>
<transitions>
<transition name="toSecondaryCertifierReview" to="SecondaryCertifierReview"/>
</transitions>
</step>
<!-- Secondary Certifier Review Step -->
<step name="SecondaryCertifierReview">
<assignment>
<dynamicAssignee>
<identity>
<id>$secondaryCertifiers</id>
</identity>
</dynamicAssignee>
</assignment>
<notification>
<templateRef>certification/SecondaryCertifierNotification</templateRef>
</notification>
<task>
<certification>
<action>review</action>
<campaignId>$campaignId</campaignId>
</certification>
</task>
<returns>
<arg name="certificationItems" value="$certificationItems"/>
</returns>
<transitions>
<transition name="toCloseCertification" to="CloseCertification"/>
</transitions>
</step>
<!-- Close Certification Step -->
<step name="CloseCertification" type="finish">
<notification>
<templateRef>certification/CertificationCompletedNotification</templateRef>
</notification>
<task>
<certification>
<action>complete</action>
<campaignId>$campaignId</campaignId>
</certification>
</task>
</step>
</Workflow>
Ensure you have notification templates defined in the certification folder:
Deploy Workflow:
Test Workflow:
Customize as Needed:
I know this was always possible, however SailPoint said this is not industry best practice and this customization does have it down-falls like longer entitlement review cycle.