Integrating SailPoint AI-Driven Identity Security

Note: Plugins must be enabled in IdentityIQ for AI-Driven Identity Security to be installed. Ensure that plugins.enabled=true in the identityiq_home/WEB-INF/classes/iiq.properties file of your installation.

Prerequisites for Integrating AI-Driven Identity Security

Because SailPoint's AI-Driven Identity Security are a part of Identity Security Cloud, you will need a connection to an Identity Security Cloud tenant to integrate AI-Driven Identity Security with IdentityIQ. You can read about AI-Driven Identity Security prerequisites, the onboarding process, and deployment steps at Getting Started with AI-Driven Identity Security for IdentityIQ.

Importing the AI-Driven Identity Security Integration File

Begin your implementation of SailPoint AI-Driven Identity Security in IdentityIQ by importing the AI-Driven Identity Security init-ai.xml file into IdentityIQ:

  1. Log in to IdentityIQ as an administrator.

  2. Select the gear icon > Global Settings >  Import from File.

  3. Click Browse and browse to the following directory:
    identityiq_home\WEB-INF\config
    where identityiq_home is the directory in which you extracted the identityiq.war file during the IdentityIQ installation procedure.

  4. Select the init-ai.xml file and click Import.

  5. When the import is complete, click Done.

This process enables AI-Driven Identity Security and installs the AI-Driven Identity Security Recommender Plugin into your IdentityIQ instance.

AI-Driven Identity Security Limitations for Customizing Hibernate Files

IdentityIQ allows you to customize extended and searchable attributes by editing various .hbm.xml files (such as IdentityExtended.hbm.xml or LinkExtended.hbm.xml) when IdentityIQ is installed and configured. The AI-Driven Identity Security feature requires that all the *default* values in IdentityIQ's .hbm.xml files are present.

The AI-Driven Identity Security feature will not function properly if any default fields have been removed from any of the .hbm.xml files. Do not remove any default fields from the .hbm.xml files if you plan to implement the AI-Driven Identity Security integration.

See the IdentityIQ Installation Guide for more details.