Password Interceptor and Online Interceptor

To ensure that Password Interception or Online Interception function properly, the configuration settings are mandatory. Settings for Password and Online Interception are the same, so they only need to be defined once in IdentityIQ.

Password Interception and Online Interceptor are not enabled by default. There are a few steps that need to be performed to enable it on the Mainframe Connector and in IdentityIQ. The value of hostNameis case-sensitive in the service definitions of SMListener and ResourceEvent.

Password Interception – IdentityIQ supports Password Interception, a feature which enables IdentityIQ to intercept a changed account password on a managed system. IdentityIQ then propagates the new password to other managed systems on which the account is defined.

Online Interception – IdentityIQ supports Online Interception, a feature which enables IdentityIQ to intercept any account, group, or account-group connection changes on a managed system.

Caution
SailPoint doesn't recommend using X-ROL and X-SGP in combination with Online Interceptor. Online Interceptor updates may cause loss of information related to associations of X-ROL and X-SGP with the accounts. You can use the Password Interceptor without any adverse effects to X-ROL and X-SGP.

Feedback is provided as an informational resource only and does not form part of SailPoint's official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.

Password Interceptor and Online Interceptor

Documentation Feedback