About SailPoint AI Services

SailPoint's AI Services is a SaaS-delivered data analysis product designed to work with IdentityIQ and IdentityNow. The goal of AI Services is to improve your identity governance process through data analysis and machine learning.

Integrating AI Services with IdentityIQ helps your organization determine who should have access to what. AI Services uses peer group analysis and identity attributes to recommend access to your users, and to help certifiers decide when user access should be approved or denied. AI Services can also identify user access patterns to determine potential roles that accurately align with what users actually do in an organization.

AI Services can be configured to give decision recommendations to the people performing access reviews and approving access requests. This can help them make more informed decisions about the access they are granting.

For example, an access reviewer may not be entirely familiar with what item in the access review is. The AI Services integration can provide recommendations to display in IdentityIQ about whether the access should be granted or not. AI Services can provide two types of recommendations – a thumbs up indicating Recommended, or a thumbs down indicating Not Recommended – or not provide any recommendation at all.

Users can also filter recommendations by type, making it easy to review all items with the same recommendation status, together.

Decision recommendations can be enabled both globally, and at the individual certification level. See Enabling Recommendations and Automatic Approvals Globally for Certifications for details on how to enable automatic approvals globally.

AI Services can be configured to give recommendations to people requesting access. With this option, users managing their own access are shown a set of access recommendations, based on information such as the user's manager, department, location, and colleagues. This can help reduce confusion on the user's part about what access to request, and save valuable time and effort in the request process.

See Enabling Recommendations for Access Requests for details on how to enable access request recommendations.

You can use AI Services to automatically approve access based on recommendations. With this feature enabled, any access review item that has a recommendation of "thumbs up" is automatically moved from the reviewer's Open tab to the Review tab, with an "Approved" decision. Reviewers retain the option of changing the automated decision, as needed, before signing off on the review. Automated approvals help your reviewers process access reviews quickly and more efficiently by taking easy decisions out of the way so that they can focus on exceptional items.

Automated approvals can be enabled both globally, and at the individual certification level. See Enabling Recommendations and Automatic Approvals Globally for Certifications for details on how to enable automatic approvals globally.

SailPoint's AI Services includes an Access Modeling service which uses patented machine learning algorithms to identify user access patterns and determine potential roles that accurately align with what users actually do in an organization.

In IdentityIQ, AI Services Access Modeling gives you the option to use this service for role discovery, to display potential roles based on the optimal role granularity derived from AI Services algorithms.

The Access Modeling feature is part of your AI Services integration. See Enabling Access Modeling.