SailPoint Connectivity Updates

As a fast follow on to our earlier release this month, for one of the leading credential providers, we now announce the release of Credential Provider Integration with AWS Secrets Manager.

We are excited to announce that three new SailPoint Guidewire InsuranceSuite integrations are live: BillingCenter, ClaimCenter, and ContactManager! 

We are super excited to announce the rolled out of new SailPoint SaaS Integrations in the Identity Security Cloud as following -

• CyberArk Privilege Cloud Shared Services SaaS
• BeyondTrust Password Safe SaaS
• Oracle EPM - AR SaaS (Oracle Enterprise Performance Management Cloud - Account Reconciliation)
• Oracle EPM Cloud - FCCS SaaS (Oracle Enterprise Performance Management Cloud Financial Consolidation and Close system)

These SaaS Connectors do not require a Virtual Appliance to run and provide SaaS-SaaS connectivity for CyberArk Privilege Cloud Shared Services, BeyondTrust Password Safe and Oracle EPM (AR and FCCS) systems.

Introducing the new SailPoint Identity Security Cloud Governance (SaaS) connector within the Identity Security Cloud. This connector treats the Identity Security Cloud as a governed system, handling identities as "Accounts". Additionally, it oversees user levels (permissions), roles, and governance groups as entitlements. Simplifying access requests and reviews, the access model of the Identity Security Cloud Governance connector streamlines the process.

This is a SaaS Connector that works for your Identity Security Cloud tenant.

NetSuite Connector: Upgrade Timeline & Important Enhancements

• The updated version of the Oracle NetSuite connector supporting WSDL v2023 will be released on 1st July 2024. 
• Any new sources configured for the Oracle NetSuite connector will only support WSDL v2023 with Token-Based Authentication. Support for basic authentication and pass-through authentication will not be available for any new sources configured after 1st July 2024
• The existing sources of Oracle NetSuite connector configured using WSDL v2019 will be supported until the end of 2024. Starting in 2025, only the latest version of WSDL (v2023) and only TBA authentication will be supported

SailPoint is happy to announce that the IQService-Jun-2024 version is going to be available in end of June’2024 with new capabilities and enhancements. 

Multi-Host capability support for MS SQL Server & Oracle DB

The Multi-Host solution enables bulk integration of infrastructure components and server configurations, all from a centralized user interface.

It streamlines the customer onboarding experience and facilitates mass integration of servers, including rapid source creation and configuration.

Availability: Release Dates & Documentation

Initially released for MS SQL Server and Oracle DB, Multi-Host is set to transform the way organizations manage their infrastructure integration with ISC.

• Microsoft SQL Server documentation: LINK HERE
• Oracle Database documentation: LINK HERE 

We are super excited to announce the rolled out of new SailPoint SaaS connectors in the Identity Security Cloud as following- 

• UKG Pro Core HCM SaaS
• SuccessFactors LMS SaaS
• Oracle Fusion HCM Accounts SaaS
• Duo SaaS 

These SaaS Connectors do not require a Virtual Appliance to run and provide SaaS-SaaS connectivity for UKG Pro Core HCM, SuccessFactors LMS, Oracle Fusion HCM Accounts and Duo systems. 

We are super excited to announce the rolled out of new SailPoint Identity Risk SaaS connectors in Identity Security Cloud - CrowdStrike, Proofpoint and Elevate Security. These SaaS Connectors do not require a Virtual Appliance to run and provide SaaS-SaaS connectivity. These SaaS Connectors has a core capability for bringing risk information for accounts for Identity Protection.

New SailPoint Connectivity released in the first quarter of 2024 include innovative new connectivity and improvements to existing connectivity. Learn more...

We are excited to announce that the new SailPoint Guidewire PolicyCenter connector is now live! 

We are excited to announce the rollout of new SailPoint SaaS connectivity for Identity Security Cloud., including Slack, Zoom, and Atlassian Suite. These new connectors provide direct SaaS-SaaS connectivity for Slack, Zoom and Atlassian Suite systems without the need for a virtual appliance (VA). 

We are excited to announce that the new SailPoint Google Workspace SaaS Connector is now Live!

The Google Workspace SaaS connector lets organizations govern access to Google Workspace Accounts, Service Accounts, Domains and the associated Google Groups. This includes aggregation, provisioning, and the management of entitlements at the account level.

Credential rotation is regularly changing and updating credentials to reduce the risk of unauthorized access. By rotating credentials regularly, organizations can limit the window of opportunity for attackers to exploit compromised credentials.

A few reasons to rotate credentials regularly include:

• Mitigating the risk of credential theft
• Compliance requirements
• Minimizing the impact of a breach
• Enhancing security posture

With Credential Provider Integration, a framework that supports fetching the latest credentials “always” from privileged Access Management systems for sources to carry out their interaction with target systems, ensures that the organization meets the security needs.

This release aims at providing the Credential Provider Integration for CyberArk Shared Services with Conjur Cloud.

Identity Security Cloud customers can now leverage this capability that:

• Allow integration with any source/connector through the credential provider
• Support fetching of latest credentials from vaults for enhanced security

To know more about its configuration for Credential Provider Integration – CyebrArk Shared Services with Conjur Cloud, use the URL below using a compatible browser: 

CyberArk Shared Services Credential Provider

SailPoint Connectivity is focused on extending core identity security capabilities to the most critical business applications, including Microsoft and a deeper integration with Microsoft Entra ID (formerly known as Azure Active Directory). Find out more...

We are super excited to announce the rolled out of new SailPoint SaaS connectors - Workday Accounts SaaS, Box SaaS, Dropbox SaaS and Zendesk SaaS in Identity Security Cloud. These SaaS Connectors do not require a Virtual Appliance to run and provide SaaS-SaaS connectivity for Workday Accounts, Box, Dropbox and Zendesk systems.

We are super excited to announce that new SailPoint Okta SaaS Connector is now Live!

This is a SaaS Connector that does not require a Virtual Appliance to run. This SaaS connector provides identity management and governance to protect Okta users, and associated groups, roles and applications. This includes aggregation, provisioning, and the management of entitlements at the account level.

We would like to bring to your attention an important update concerning SailPoint's ServiceNow Service Catalog.

All SailPoint's ServiceNow Service Catalog for IdentityNow app users need to upgrade to Version 3.1

We are super excited to share that the "Lifecycle management of Service Principals as Accounts" feature of Microsoft Entra ID Connector is now generally available in the production tenants!

We are super excited to announce that new SailPoint Ceridian Dayforce HCM (SaaS) Connector is now available in Identity Security Cloud!

As per our internal engagement with Okta, we came to know the recent API changes from Okta. There is no public notification or documents around it from Okta side yet. You might have received this update as well if your Okta org is one of the impacted system that might affect after June 28th, 2024. SailPoint is well aware of this change and we are making changes in our connector implementation to handle this end to end before the deadline.

Dear Valued Customer,

We want to inform you about an important update regarding our SAP GRC integration, specifically with GRC version 12 SP19 and above.

SAP has introduced significant modifications in its SAP GRC version AC 12.0 SP19 and above in inactive users and sync job processes, which has affected our SAP GRC connector functionality adversely.

We have addressed the impacts of these changes and the fixes have been rolled out to staging and production for IdentityNow customers.

Details about the issues and fixes

Diable Operation

• Issue: With the upgrade of GRC from AC12 SP19 & above, you may see System attribute on account schema as INACTIVE_USER  for the aggregated accounts which are disabled only on highest priority system on SAP GRC

• Resolution: This issue is observed due to the Repository sync job changes introduced by SAP for updating their table values. For resolution, kindly ensure the changes on GRC and source configuration as below:
• Ensure that the Repository sync job is scheduled on your SAP GRC instance.
• The option for ‘Disable only Master’ system has been removed from the source config. UI without impacting existing customers’ configuration. We highly recommend you to revisit your source configuration for ‘Disable’ operations. The changes have been documented in Enable and Disable Account section
• Provide additional permissions required on the SAP Tables for GRC 12 SP19 and above for Aggregation and Disable operations. Kindly refer to our doc guide Configuration Table for SAP GRC section

Modify Operations

• Issue: SAP has introduced a new process where any modifications/changes in the user profile reflect in GRC tables only after completing the Repository sync job. This has adversely affected our connector operations
• Resolution: The following steps must be performed sequentially for a successful modify operation:
• Configure the Attribute Sync request on the user in IdentityNow for the GRC source. To configure the attribute sync request, refer to Synchronising Attributes - SailPoint Identity Services.
• Run the Repository Object Sync job on your GRC system
• Execute User Aggregation on your GRC source to get the updated values of the user attributes.

Link to our previous blog post which includes moe details and SAP KB Articles as attachments

Kindly reach out to your CSM or our support team for any queries or issues.

Sincerely,

SAP Integrations Team