Introduction to IQService
Revised Date: 20 July, 2022
IQService, also referred to as the Integration Service, is a native Windows service that enables IdentityNow to participate in a Windows environment and access information only available through Windows APIs.
It is a lightweight service that must be installed on any supported Windows Server that has connectivity to the target systems you want to manage in IdentityNow.
The figure shows communication flow of IQService with various end system. A single IQService instance can serve to multiple sources of same or different source types. Though for enhanced performance, it is recommended to setup separate instances for each of the source. IQService supports setting up multiple instances on the same system, though these instances would be sharing the same system resources and might degrade performance. If you have IdentityIQ and IdentityNow in your environment, install a separate instance of IQService for each system.
Securing all communications coming in and going out from IQService is very crucial to ensure overall security of the solution and data integrity. Refer to IQService Security Considerations for more details. IQService executable and libraries are digitally signed to ensure integrity of the files.
With the latest release, IQService is packaged with UpdateService, which needs to be configured alongside IQService to enable the auto update functionality. Once the UpdateService is configured, no manual intervention is required for further releases. SailPoint recommends configuring the UpdateService for seamless updates of IQService without manual intervention. To ensure secure communication between the services, SailPoint recommends that you use TLS and Client Authentication for IQService configuration, which in turn is used by the UpdateService for communication.