Connecting Non-Employee Risk Management and Identity Security Cloud
Create a source within Identity Security Cloud to manage your non-employee profiles.
Aggregating your non-employee profiles into Identity Security Cloud allows you to use Non-Employee Risk Management as your authoritative source of identity data. You can then correlate their accounts and access from other sources to those identities.
This connector does not support provisioning operations, and can't be used to create or update profiles within Non-Employee Risk Management.
Notes
- The Non-Employee Risk Management source within Identity Security Cloud aggregates and manages profiles, rather than user accounts. To aggregate accounts from Non-Employee risk management, use a web services connector.
- The Non-Employee Risk Management connector can be used to create an authoritative source using person profiles. Do not make sources that contain non-person profiles authoritative. Sources that contain non-person profiles can be used ot provide supplemental attributes to identity profiles, but should not be used to create authoritative sources.
- Archived profiles will not be aggregated.
Creating a Non-Employee Risk Management Source
You'll create a source within Identity Security Cloud to aggregate and manage your non-employee profiles.
Prerequisites:
-
Create and copy an API key from Non-Employee Risk Management to use within Identity Security Cloud.
Best Practice
Use a separate API key for each Non-Employee Risk Management source you create.
-
Copy the ID of the profile type you want to manage within Identity Security Cloud. Make sure this profile type is in the same tenant as the API key you are using.
- Copy the UIDs of each attribute you want to aggregate.
To create a Non-Employee Risk Management Source within Identity Security Cloud:
-
Sign in to Identity Security Cloud and go to Admin > Connections > Sources.
-
Select Create New.
-
Under Select a source type, select Configure beside SailPoint Non-Employee Risk Management.
-
Enter the following:
- Source Name - Enter a name for the new source.
- Description - Enter a description for the new source to help distinguish it from similar sources.
- Source Owner - Begin typing the name of an owner. Matches appear after you type two or more letters.
- Governance Group (Optional) - Select a governance group for source management.
-
Select Continue.
The Base Configuration screen is displayed.
-
Select Configuration in the left panel.
-
In the API Key field, enter the API key you saved within Non-Employee Risk Management for this source.
-
In the Non-Employee Risk Management Tenant Domain field, enter the URL for your tenant.
-
In the Profile Type Id field, enter the ID of the profile type you want to manage within Identity Security Cloud that you saved within Non-Employee Risk Management.
-
Select Save.
-
Select Review and Test.
-
Review the configuration details and select Test Connection. A successful test is required for Identity Security Cloud to gather data for this source.
Adding Attributes
After creating a Non-Employee Risk Management source and connecting it, you can map the attributes that Identity Security Cloud will aggregate.
-
From the list of sources, select the source you want to edit.
-
Select Import Data > Account Schema.
Several attributes are available by default. These are the system-level attributes available for every profile within Non-Employee Risk Management.
The
name
andid
attributes will be used as the Account Name and ID. This cannot be edited.Note
Do not edit or delete the default attributes.
-
Select + Add New Attribute.
-
Enter the following information:
- Name - Enter the UID of the attribute you want to add exactly as it appears within your Non-Employee Risk Management tenant.
- Description - Add a description for the attribute.
Notes
- The attribute type must be set to String. When attributes of other types are aggregated, their value will be converted to a string.
- Aggregating entitlements is not supported. Do not select the Entitlement checkbox under Type.
-
Select Save.
The attribute is added to the list of attributes within the account schema.
When profiles are aggregated into Identity Security Cloud, the Non-Employee Risk Management attributes matching the attribute names you provided will be aggregated for all profiles in the configured profile type.
You can schedule regular aggregations of profiles into Identity Security Cloud so that your data is kept up-to-date.
If you are aggregating person profiles, create an identity profile to use the profile data from Non-Employee Risk Management as an authoritative source of identities.
Documentation Feedback
Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.