Managing Comments in the IdentityIQ

To populate comments on the Access Request

As a part of Access Provisioning, you can populate comments on the Access Request page in the IdentityIQ. The comment is included out-of-the-box as a description attribute for each ticket type .

For existing Service Desk Integration applications, you need to modify the application Debug page to include the comments for Access Request as explained below for each ticket type:

  1. For serviceRequest ticket type:

    When the ticket type is serviceRequest then modify the value of the description to include comments as shown below:

    <entry key="description" value="#if($request.operation == 'Create') Create Account on application $request.resource #elseif($request.operation == 'Delete') For $request.id in application $request.resource : Requested action from SailPoint : Delete Account #if ($request.arguments.comments), Comments : $request.arguments.comments #end #else For $request.id in application $request.resource #end #if ($request.items) $newline #foreach ($item in $request.items) #if ($item.name == '*disabled*' &amp;&amp; $item.value == 'true') Requested action from SailPoint : Disable Account #if ($request.arguments.comments), Comments : $request.arguments.comments #end $newline #elseif ($item.name == '*disabled*' &amp;&amp; $item.value == 'false') Requested action from SailPoint : Enable Account #if ($request.arguments.comments), Comments : $request.arguments.comments #end $newline #elseif ($item.name == '*locked*' &amp;&amp; $item.value == 'false') Requested action from SailPoint : Unlock Account #if ($request.arguments.comments), Comments : $request.arguments.comments #end $newline #else $!item.Operation $item.name: $item.value #if ($item.arguments.comments), Comment from SailPoint : $item.arguments.comments #end $newline #end #end #end" />

  2. For changeRequest ticket type:

    When the ticket type is changeRequest then modify the value of the u_description to include comments as shown below:

    <entry key="u_description" value="#foreach($req in $plan.requests) #if($req.operation == 'Create') Create Account on application $req.resource #elseif($req.operation == 'Delete') Delete Account on application $req.resource For $req.id #if($req.arguments.comments) Comments: $req.arguments.comments #end #else For $req.id in application $req.resource #if($req.arguments.comments) Comments: $req.arguments.comments #end #end #if($req.items) $newline #foreach($item in $req.items) #if($item.name == 'disabled' &amp;&amp; $item.value == 'true') Requested action from SailPoint: Disable Account #elseif($item.name == 'disabled' &amp;&amp; $item.value == 'false') Requested action from SailPoint: Enable Account #elseif($item.name == 'locked' &amp;&amp; $item.value == 'false') Requested action from SailPoint: Unlock Account #else $!item.Operation $item.name: $item.value #if($item.arguments.comments) Comment from SailPoint: $item.arguments.comments #end #end $newline #end #end #end" />

  3. For incident ticket type:

    When the ticket type is incident then modify the value of the u_description to include comments as shown below:

    <entry key="u_description" value="#foreach($req in $plan.requests) #if($req.operation == 'Create') Create Account on application $req.resource #elseif($req.operation == 'Delete') Delete Account on application $req.resource For $req.id #if($req.arguments.comments) Comments: $req.arguments.comments #end #else For $req.id in application $req.resource #if($req.arguments.comments) Comments: $req.arguments.comments #end #end #if($req.items) $newline #foreach($item in $req.items) #if($item.name == 'disabled' &amp;&amp; $item.value == 'true') Requested action from SailPoint: Disable Account #elseif($item.name == 'disabled' &amp;&amp; $item.value == 'false') Requested action from SailPoint: Enable Account #elseif($item.name == 'locked' &amp;&amp; $item.value == 'false') Requested action from SailPoint: Unlock Account #else $!item.Operation $item.name: $item.value #if($item.arguments.comments) Comment from SailPoint: $item.arguments.comments #end #end $newline #end #end #end" />

Note
For special characters handling in the comment, refer to the instructions explained in the troubleshooting point: Error: Ticket creation fails when Access Request comments contains special characters.

To populate ticket resolution comments on the Identity Request

You can populate resolution comments from ServiceNow on the Identity Request in the IdentityIQ. The resolution comments from the ServiceNow ticket (Service Request / Incident / Change Request) mentioned as closeNotes will be fetched and shown on the Identity Request page as Errors and Warnings message. The respective closeNotes for any ticket type can be fetched based on the tracking status you are interested in. For more information, refer to Configuring IdentityIQ to Integrate with ServiceNow