Provisioning Reference
When SailPoint provisions new accounts, it uses the attributes on the Create Profile page as instructions or a template for what to include in the account. This page is also referred to as the provisioning policy.
Important
This topic describes the configuration of the default Create Profile. However, SailPoint recommends that you work with Services to define a Create Profile specific to your company's needs.
Note
-
You can edit some aspects of this page from the user interface. For more information, refer to How can I edit the Create Profile on a source?
-
The SailPoint Identity Governance connector for ServiceNow does not provision entitlements that do not exist on the ServiceNow instance.
-
The SailPoint Identity Governance Connector for ServiceNow supports non-English characters for the email address attribute.
-
There is no error or failure while updating the email address of an account that has the email pattern such as: "test.email@non.test-domain.com".
-
The source correctly displays the time zone attribute for US/Central region in the create provisioning policy form.
The following generators create required information for a new ServiceNow account. You may need to edit the contents.
|
Account Attribute |
Generator |
Description |
|---|---|---|
|
user_name |
Generator (Create Unique Account ID) |
This generator uses the value in the Pattern Used field to generate a unique User ID for the new account. |
|
first_name |
Identity Attribute |
The first name of the user. |
|
last_name |
Identity Attribute |
The last name of the user. |
|
department |
Disable |
The user’s department name. |
|
title |
Disable |
The title or designation of the user. |
|
password |
Generator (Create Password) |
This generator creates an initial password for the new account that matches the password policy assigned to the associated SailPoint Identity Governance Connector for ServiceNow. |
|
password_needs_reset |
Static |
This is to indicates whether the user should be prompted to change their password at next login. |
|
locked_out |
Static |
This indicates that the user account is locked. |
|
active |
Static |
This determines whether the user account has been staged for use. |
|
notification |
Static |
This determines if the user should be notified for any changes made on their account. |
|
calendar_integration |
Static |
This determines if the change requests assigned to that user are sent to their Outlook calendar. |
|
time_zone |
Static |
The user's time zone. |
|
|
Identity Attribute |
The user's email ID. |
|
mobile_phone |
Disable |
The user's mobile phone number. |
|
phone |
Identity Attribute |
The user's phone number. |