SailPoint Widget Library

Note
Widgetized architecture has been introduced in v4.0 to provide flexibility to configure and customize the behavior of the app. Widgets will be released and you will have the choice to select and customize them as per your business needs.

SailPoint has developed widgets that can be directly utilized in your Service Portal, record producer, or customized request pages to align with your specific business requirements. The widgets are as follows:

Note

  • Base system widgets are designed as read-only components to allow you to take advantage of upcoming updates. If you wish to make modifications, you have the option to duplicate these base system widgets. It's important to note that duplicated widgets are classified as custom widgets and will not receive any future updates from the original widgets they were duplicated from.

  • To clone or create widgets, refer to Developing custom widgets in the ServiceNow documentation.

  • To view and configure the instance options for a widget, refer to Configure widget instances in the ServiceNow documentation.

This table provides information about the Release version and Updated version of each widget. You can also check the instance options of all widget.

Widget

Instance options

Release version

Updated version

ISC Access Object Details

None

v4.0

V5.2

ISC Access Object Selection

Multiple

V4.0

V5.2

ISC Access Object Selection 2

Multiple

V4.0

V5.2

ISC Selected Users

None

V4.0

V4.0

ISC Review And Submit

Multiple

V4.0

V5.1

ISC Review And Submit 2

Multiple

v4.0

v5.1

ISC Header Text

None

v4.0

-

ISC Progress Bar

None

v4.0

-

ISC Access Comment

None

v4.0

-

ISC User Search

None

v4.0

-

ISC Footer Buttons

None

v4.0

-

ISC Login

None

v4.0

-

ISC Access Type

None

v4.0

v5.2

ISC Sunset Date

Multiple

v4.0

v4.1

ISC Access Object Search

Multiple

v4.0

v5.1

ISC User Selection

Multiple

v4.0

v4.1

ISC User Selection 2

Multiple

v4.0

v4.1

ISC Questionnaire

None

v5.1

-

ISC Access Object Free Text Search

Multiple

v5.2

-

Widgets for Request and Review Access

This widget displays the details of the linked access profiles and entitlements when Details is selected.

Field

Description

Show Non-Requestable access objects under Add Access

A checkbox to show non-requestable objects under the Add Access tab.

Show Non-Revocable access objects under Remove Access

A checkbox to show non-revocable objects under Remove Access tab

Show Disabled access objects under Add Access

A checkbox to show disabled objects under the Add Access tab (only applicable for Roles and Access Profiles)

 

Show Disabled access objects under Remove Access

A checkbox to show disabled objects under Remove Access tab (only applicable for Roles and Access Profiles)

List and order of Search results tab

Specify the list and order of object types in comma separated values.

Items Per Page

Select the number of access objects to be shown in the widget.

Encoded Query for items under Add Access

An optional and advanced parameter to refine your search results in the 'Add Access' tab. You can apply an extra filter query that works on roles, access profiles, and entitlements.

Encoded Query for items under Remove Access

An optional and advanced parameter to refine your search results in the 'Remove Access' tab. You can apply an extra filter query that works on roles, access profiles, and entitlements.

 

Encoded Query will be applied on page load. SailPoint recommends using this option judiciously as it might result in empty record set which would be confusing to end users as no warning is displayed. Additionally, you must validate the scenario if the Native Search functionality is used. SailPoint recommends using different pages for the native search redirection and restricted user search functionality. For more information refer to Searchable Fields - SailPoint Identity Services.

  • If you set the List and order of Search results tab. Exact text separated by comma to be used. Refer to documentation for examples (x_sap_intidn.x_sp_spnt_snow_int.specify_tab_order) property to “Roles” only and the Native Search Redirect Page ID (example: manage_access) property to “isc_request”, and you configure the widget option for access tabs on this page to “Access Profiles”, the following occurs. When a user searches for a role on the portal, the user finds only “Roles” in the search result because the native search uses this property.

  • When the user selects a role to submit a request, the system takes the user to the page with the role selected, and the user can submit the request even if the widget option is configured for “Access Profiles” only.

  • However, if the user clicks the "Previous" button, the system loses the selected role (from the native search). As the widget option is set to “Access Profile”, the user will then only see access profiles.

It’s important to note that the property will only work if you apply the following standards:

Do's

  • Use the names of the tabs as they are specified, capitalizing the first letter. The default values are “Roles”, “Access Profiles”, “Entitlements”.

  • Enter the values, separated by a comma, in the order that you want the tabs to display. The functionality will work whether you choose to include (or not include) spaces before or after the commas. For example,

    • “Access Profiles, Roles, Entitlements”

    • “Entitlements, Roles, Access Profiles“

    • “Roles, Entitlements”

    • “Access Profiles”

Dont's

  • Do not change the names of the tabs in any way. For example,

    • “roles, access profiles, entitlements”

      • To work correctly, the first letter of each name must be upper-case.

    • “Access Profiles”

      • To work correctly, all letters other than the first letter must be lower-case.

    • “ENTITLEMENTS”

      • To work correctly, the first letter should be upper-case followed by all lower-case letters.

  • Do not include special characters, extra punctuation, extra letters, or acronyms in the names of the tabs.

    • “Roles.Access Profiles.Entitlements”

    • “Access Profiles-Entitlements.”

    • “A.Profiles”

    • “Access_Profiles”

    How to reorder the Search results tabs:

    Reorder the tabs of the application by reordering them in the property. By default, the order is “Roles, Access Profiles” which displays the Roles tab first, followed by the Access Profiles tab.

    If you want to show the “Access Profiles” tab first, then you must change the value of the property to “Access Profiles, Roles”, which will display the Access Profiles tab first, followed by the Roles tab.

Release Version: v4.0, Updated version: v5.2

This widget allows you to select searched results of Roles, Access Profiles, and Entitlements in tabular mode.

Field

Description

Show Non-Requestable access objects under Add Access

A checkbox to show non-requestable objects under the Add Access tab.

Show Non-Revocable access objects under Remove Access

A checkbox to show non-revocable objects under Remove Access tab

Show Disabled access objects under Add Access

A checkbox to show disabled objects under the Add Access tab.(only applicable for Roles and Access Profiles)

Show Disabled access objects under Remove Access

A checkbox to show disabled objects under Remove Access tab.(only applicable for Roles and Access Profiles)

List and order of Search results tab

Specify the list and order of Access objects in comma separated values.

Secondary Columns to be displayed (example: description, type, owner)

Ability to select secondary columns to be shown on the table. The Name and Details columns are mandatory and fixed.

Items Per Page

Select the number of access objects to be shown in the widget.

Encoded Query for items under Add Access

An optional and advanced parameter to refine your search results in the 'Add Access' tab. You can apply an extra filter query that works on roles, access profiles, and entitlements.

Encoded Query for items under Remove Access

An optional and advanced parameter to refine your search results in the 'Remove Access' tab. You can apply an extra filter query that works on roles, access profiles, and entitlements.

Note
Column names are case sensitive.

Encoded Query will be applied on page load. SailPoint recommends using this option judiciously as it might result in empty record set which would be confusing to end users as no warning is displayed. Additionally, you must validate the scenario if the Native Search functionality is used. SailPoint recommends using different pages for the native search redirection and restricted user search functionality. For more information refer to Searchable Fields - SailPoint Identity Services.

  • If you set the List and order of Search results tab. Exact text separated by comma to be used. Refer to documentation for examples (x_sap_intidn.x_sp_spnt_snow_int.specify_tab_order) property to “Roles” only and the Native Search Redirect Page ID (example: manage_access) property to “isc_request”, and you configure the widget option for access tabs on this page to “Access Profiles”, the following occurs. When a user searches for a role on the portal, the user finds only “Roles” in the search result because the native search uses this property.

  • When the user selects a role to submit a request, the system takes the user to the page with the role selected, and the user can submit the request even if the widget option is configured for “Access Profiles” only.

  • However, if the user clicks the "Previous" button, the system loses the selected role (from the native search). As the widget option is set to “Access Profile”, the user will then only see access profiles.

It’s important to note that the property will only work if you apply the following standards:

Do's

  • Use the names of the tabs as they are specified, capitalizing the first letter. The default values are “Roles”, “Access Profiles”, “Entitlements”.

  • Enter the values, separated by a comma, in the order that you want the tabs to display. The functionality will work whether you choose to include (or not include) spaces before or after the commas. For example,

    • “Access Profiles, Roles, Entitlements”

    • “Entitlements, Roles, Access Profiles“

    • “Roles, Entitlements”

    • “Access Profiles”

Dont's

  • Do not change the names of the tabs in any way. For example,

    • “roles, access profiles, entitlements”

      • To work correctly, the first letter of each name must be upper-case.

    • “Access Profiles”

      • To work correctly, all letters other than the first letter must be lower-case.

    • “ENTITLEMENTS”

      • To work correctly, the first letter should be upper-case followed by all lower-case letters.

  • Do not include special characters, extra punctuation, extra letters, or acronyms in the names of the tabs.

    • “Roles.Access Profiles.Entitlements”

    • “Access Profiles-Entitlements.”

    • “A.Profiles”

    • “Access_Profiles”

    How to reorder the Search results tabs:

    Reorder the tabs of the application by reordering them in the property. By default, the order is “Roles, Access Profiles” which displays the Roles tab first, followed by the Access Profiles tab.

    If you want to show the “Access Profiles” tab first, then you must change the value of the property to “Access Profiles, Roles”, which will display the Access Profiles tab first, followed by the Roles tab.

Release Version: v4.0

This widget displays the initials of the selected users. Hover the mouse cursor over the initials to view additional details. To remove the user, select the red x on the initials.

Instance options for this widget: None

Release Version: v4.0, Updated version: v5.1

This widget displays the line items of selected users and selected objects for adding or removing access. Select Validate/Submit to see related warnings and errors.

Instance options for this widget: Multiple

  • Display Expiration Date

    • When selected, the field is displayed. Deselect this option to hide the expiration date field.

  • Expiration Date Default Value

    • If the field is displayed, select the default value of the expiration date. If the field is hidden, the value will be ignored.

  • Expiration Date Mandatory

    • When selected, this forces the end users to have a value in the expiration date field.

    Show Additional Information

    • When selected, this allows end users to provide additional information required for the chosen access object.

Release Version: v4.0, Updated version: v5.1

This widget displays the following additional details:

  • Comment

  • Expiration Date

  • Account Selection (for adding access) / Assignment Selection (for revoking access)

  • Additional Information

Note
The Comment, Account Selection, and Assignment Selection fields are populated based on the settings in ISC. The Expiration Date and Additional Information are based on the configuration in ServiceNow.

Instance options for this widget: Multiple

  • Display Expiration Date

    • When selected, the field is displayed. Deselect this option to hide the expiration date field.

  • Expiration Date Default Value

    • If the field is displayed, select the default value of the expiration date. If the field is hidden, the value will be ignored.

  • Expiration Date Mandatory

    • When selected, this forces the end users to have a value in the expiration date field.

    Show Additional Questions

    • When selected, this allows end users to provide additional information required for the chosen access object.

Note
This widget has been designed based on the most commonly used fields. If the interface is not aligned for your use, you can customize and change the HTML of the widgets.

Release Version: v4.0

This widget displays the static text on every page, which is generally used to give instructions to end users. The HTML value of the text is extracted from the setup page.

Instance options for this widget: None

Release Version: v4.0

This widget tracks the progress of the requester.

Instance options for this widget: None

Release Version: v4.0

This widget is used to accept the comments.

Instance options for this widget: None

Release Version: v4.0

This widget is used to search for users.

Instance options for this widget: None

Release Version: v4.0

This widget is used to move across the pages via the Previous, Next, and Cancel buttons. The position of the buttons can be aligned in the container, and is dependent on widget options.

Instance options for this widget (ServiceNow Admin user): Align the buttons to the edge or center.

Release Version: v4.0

Instance options for this widget: None

Image: N/A

This widget enables the necessary authentication to establish connections with SailPoint instances. It does not have a display component.

Release Version: v4.0

The visibility of this widget is dependent on the configuration of the setup page as well as users selected.

  • Show "Remove Access" tab.

    • Select a checkbox to show/hide “Remove Access” tab.

  • Show "Recommendations" tab, applicable only if required licence available.

    • Select a checkbox to show show/hide “Recommendations” tab.

    Note
    If you unselect both options, this widget will be hidden. To set instance option again, use the Service Portal Page Designer.

Release Version: v4.0, Updated version: v4.1

This widget functions as a date picker specifically designed for selecting the Sunset date.

Instance options for this widget: Multiple

  • Display Expiration Date

    • When selected, the field is displayed. Deselect this option to hide the expiration date field.

  • Expiration Date Default Value

    • If the field is displayed, select the default value of the expiration date . If the field is hidden, the value will be ignored.

  • Expiration Date Mandatory

    • When selected, this forces the end users to have a value in the expiration date field.

Release Version: v4.0, Updated version: v5.1

This widget filters the requestable entitlements, access profiles and roles dependent on the criteria provided by the requester.

Instance options for this widget: Multiple

  • Default Filter

    • Choose a filter that will be chosen by default when the page loads. You can select Name, Description, Owner, Source, or Application. Keep -- None -- if you would like no pre-selection.

  • Default Operator

    • If the default filter is Name or Description, the default operator is applicable and allows you to select Contains ANY keywords, Contains ALL the keywords, or Is EXACT match. If the default filter --None-- is selected , Contains ANY keywords will be auto-selected for the default operator. If the default filter is Owner, Source or Application the default operator will always be Equals and this option will be ignored.

  • Search by Filter Option List

    • Lists the filter options to be enabled for search. The options in the dropdown will be displayed as in the order mentioned in the widget. Supported values are:

      • Name

      • Description

      • Owner

      • Source

      • Application

      Values outside of this list will be ignored, and the filter options will be displayed by default if not specified,

      The Default Filter and Default Operator should be set based on the values defined in the Search by Filter Option List.

      Note
      No validations are performed in widget options, thus admins need to be cautious while configuring.

Release Version: v4.0, Updated version: v4.1

This widget lists all of the users by default, and gives the option to filter the users based on your selections.

Instance options for this widget (ServiceNow Admin user): Multiple

  • Number of user records to be displayed per page

  • Optional field names to display

    • Specify the ServiceNow user table field names separated with a comma, e.g., email,manager,department

  • Encoded Query

    • This is an optional parameter that must be used with caution. It is used to further filter the users on top of the result set retrieved from Identity Security Cloud.

      By default, the manager will be able to see their own users along with team members. Admin and OnBehalfOf roles will retrieve all users. The widget option provides the ability to provide additional query parameters.

      This encoded query will be applied on page load. We recommend using this option carefully as it might result in an empty record set, which could confuse end users since there is no warning message displayed.

      If there are field level ACLs applied on any of the fields used in the encoded query, end users may see error messages logged on their screen. SailPoint recommends extensive testing with all personas before using this widget option. If you're using the Native Search functionality, it is recommended to validate the scenario, as well as use different pages for native search redirection and restricted user search functionality.

Release Version: v4.0, Updated version: v4.1

This widget allows you to select a maximum of 10 users via the dropdown.

Instance options for this widget (ServiceNow Admin user): Multiple

  • Optional field names to display

    • Specify the ServiceNow user table field names separated with a comma, e.g., email,manager,department

  • Encoded Query

    • This is an optional parameter that must be used with caution. It is used to further filter the users on top of result set retrieved from Identity Security Cloud.

      By default, the manager will be able to see their own users along with team members. Admin and OnBehalfOf roles will retrieve all users. The widget option provides the ability to provide additional query parameters.

      This encoded query will be applied on page load. We recommend using this option carefully as it might result in an empty record set, which could confuse end users since there is no warning message displayed.

      If there are field level ACLs applied on any of the fields used in the encoded query, end users may see error messages logged on their screen. SailPoint recommends extensive testing with all personas before using this widget option. If you're using the Native Search functionality, it is recommended to validate the scenario, as well as use different pages for native search redirection and restricted user search functionality.

Release Version: v5.1

This widget displays questions configured for the selected access object. It's editable to allow for customization without the need to modify other widgets.

Instance options for this widget: None

Release Version: v5.2

This widget allows users to filter requestable entitlements, access profiles, and dependent roles based on the text search term they enter.

Note
Below Instance Options are only applicable for Add Access tab.

Instance options for this widget (ServiceNow Admin user): Multiple

  • Searchable Fields

    • Specify the list of fields to be searched, separated by commas.

      Example: name, description, owner.name

  • Match any term

    • A checkbox indicating whether at least one of the entered search terms should match within the specified fields.

Note

You can apply an extra filter query that works on roles, access profiles, and entitlements. For more information refer to Searchable Fields - SailPoint Identity Services

Widgets for Certification

Release Version: v5.0

This widget enables the necessary authentication to establish connections with SailPoint instances.

Instance options for this widget (ServiceNow Admin user): None

Release Version: v5.0

This widget displays all the certifications assigned to users.

Instance options for this widget (ServiceNow Admin user): None

Release Version: v5.0, Updated version: v5.1

This widget displays all access items that need to be reviewed or have already been reviewed for the user.

Instance options for this widget (ServiceNow Admin user): Two

  • Items Per Page (Default 5)

    • Select the number of access objects to be shown in the widget.

  • Details Pop-Up Window (Default: False)

    • Enabling this option displays the Details column.

    • This popup can be customized to display additional information as required. Some basic information has been pulled on to this page for sample.

Release Version: v5.0

This widget displays a list of identities with pending or completed decisions. Select Show Campaign Details to view additional information about the respective campaign. Use the search option to filter identities within the list. Select Exit Certification to exit the current process and return to the landing page.

Instance options for this widget (ServiceNow Admin user): One

  • Items Per Page (Default 10)

    • Select the number of identities to be shown in the widget.

Release Version: v5.0

This widget displays the details of the selected certification.

Instance options for this widget (ServiceNow Admin user): None

Release Version: v5.0

This widget lists all the the reasons behind the recommendation.

Instance options for this widget (ServiceNow Admin user): None