Onboarding Assigned Applications

If you've been assigned an application to onboard, you'll receive an email with a link to Identity Security Cloud, where you will then provide configuration details. This will enable Identity Security Cloud to collect information about system accounts and user access so those identities can be governed.

To gather this data, your admin or you will configure a source, which uses the information you provide to connect to the target application.

1. In Identity Security Cloud, select Admin.

2. In the Assigned Applications page, select Configure Source on the application you've been assigned.

   

   Note

   If your admin selected a due date for the application onboarding, it is informational only. You will not lose access to the application onboarding process if the date passes.

3. Your admin might have already selected and created the source, or they might assign that task to you.

4. If they created it, you can begin configuring the source immediately.

5. If they assigned the source creation to you, select Continue.

6. Search for a source type that matches the application and select Configure. SailPoint recommends sources that might be a good match for your enterprise application.

   Note

   Some source types cannot be assigned. Refer to Excluded Source Types for a list of source types that are not supported. If you're unsure which source type to choose, contact your administrator.

   Tip

   Select Documentation for the source type you're viewing to access documentation specific to that source configuration. You'll reference this when configuring the source.

7. Enter a unique name and description for the source to help admins differentiate it from others.

8. Select a source owner who will be responsible for the system. If you're unsure who to select, select the assigning administrator.
9. Select a virtual appliance cluster with connectivity to the source.
10. Select Continue to continue configuring the source.

Configuring Assigned Sources

After the source type has been selected and created, you can begin adding configuration information that an admin will review before publishing the source. This ensures you can make edits and revisions without affecting live data.

You can leave comments on each page of the source configurations for the assigning administrator. They will be notified by email when you leave a comment and can respond in the comments of the draft source. This allows you to keep discussions about source configurations together to support collaboration. The most recent comment is displayed at the top.

Important

Source configuration options are determined by your user level. Documentation might refer to options that are not available to source configuration assignees.

To configure the assigned source:

1. Complete the Source Setup section. Refer to the Identity Security Cloud Connectors Documentation for configuration guidance for the source type you selected.
2. Select Review and Test and select Test Connection. A successful test connection is required to view certain account configurations.

3. Under Account Management, select Account Schema and configure the account schema. Refer to Managing Source Account Schemas.

   Tip

   Select Learn more on the right side of the screen to display tips, guidance, and links to documentation to help during source configurations.

4. Select Account Correlation and set the correlation logic used to assign a source account to an existing identity based on the attributes they share. Refer to Assigning Source Accounts to Identities.

5. Select Create Account and set the policy that determines which values are used when creating and updating accounts on a source. Refer to Configuring Source Account Provisioning.
6. Select Attribute Sync to view the account attributes on the source that should be kept in sync with corresponding identity attributes. This page can only be edited by the admin. Refer to Synchronizing Attributes.

7. Select Accounts. If you successfully tested your connection in Review and Test and configured the account schema, you can select Preview to display a subset of accounts from the application that will be mapped to identities in Identity Security Cloud based on your account schema configurations. This can help ensure your account schema and correlation settings are accurately connecting identity data from the application with identities in Identity Security Cloud.

   Note

   If your admin created the source and aggregated accounts previously, you might see an accounts list with data based on the configurations at the time of aggregation. Changes to the account schema are reflected in the preview.

8. Depending on the source type, you might be able to configure the Entitlement Types to help represent the accounts' access on the source system. Refer to Creating and Managing Entitlement Types.

9. Select Entitlements. If you successfully tested your connection in Review and Test and your source type supports entitlement type configuration, you can select Preview to view a preview of entitlements using the current configuration settings.

   Note

   If your admin previously aggregated entitlements on this source previously, you might see a list of entitlements based on the configurations at the time of aggregation. This list is not affected by the changes you've made in Entitlement Types.

10. When you've completed your configurations, select Review at the top and choose Submit for Review.

The assigning admin will be notified and will review your changes before applying them to the source or reassigning the source for additional edits.

Assignee Source Access Matrix

Source configuration assignees can see the following sections of source configurations:

• Source Setup
  • All sub-menus
• Account Management
  • Account Schema
  • Account Correlation
  • Create Account
  • Attribute Sync - Read-only
  • Accounts
• Entitlement Management
  • Entitlement Types - The Entitlement Types menu is not available on all source configurations. When it is, source assignees can view and edit the Entitlement Types configurations.
  • Entitlements - Read-only

Admins with access to the live source can edit additional configurations in the source such as account aggregation, entitlement aggregation, and uncorrelated accounts.

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.