Managing Machine Identities
A machine identity represents an application or service under which related machine accounts are grouped. For example, an organization might group and correlate all of its automated teller service accounts to an Automated Teller machine identity. These groupings allow users to organize and oversee their organization’s service accounts, bots, and other machine accounts.
Note
This document describes machine identities created through the Machine Identity Security feature. For general information on identities, refer to Managing Identities.
Creating Machine Identities
Organizations may create machine identities at different stages in their implementation process. For example, if your organization’s data is stored in a database, you may create machine identities before classifying the machine accounts on a source.
If your organization doesn't maintain application data, you may create machine identities after machine accounts have been classified on a source. When machine account attributes were mapped, the Machine Identity field might have been left unmapped, resulting in the creation of a partial machine identity for each machine account.
If multiple partial machine identities exist for the same application, you can create a machine identity to represent it and correlate related machine accounts. Once correlated, Identity Security Cloud deletes the partial machine identities from your tenant. Manually created machine identities remain if their associated machine accounts are correlated to a different machine identity.
To create a machine identity:
- Go to Admin > Identity Management > Machine Identities.
- Select Create New to create a new machine identity.
- Enter a unique name and description to help users differentiate the machine identity from others.
- In the Business Application field, enter a unique value that describes the application or service the machine identity represents. If your application data is stored in an attribute, enter the value for that attribute to correlate machine accounts to this machine identity.
- Select Save to create the machine identity.
To delete a machine identity, reassign its correlated machine accounts and select Delete in the Actions column. Once you’ve confirmed the deletion, the machine identity is removed from your tenant.
If machine accounts have been classified for this source, ensure the machine accounts have been correlated to the correct machine identities.
If you created machine identities first, you can now classify machine accounts on the source.
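The correlation check described above can be scripted against exported data. The following is an added example, not SailPoint code: the record layout and every field name (`business_application`, `partial`, `application`, `identity`) are hypothetical, and the sample records are constructed.

```python
from collections import defaultdict

# Constructed sample export; every field name here is hypothetical.
IDENTITIES = [
    {"name": "Automated Teller", "business_application": "ATM", "partial": False},
    {"name": "Payroll Batch", "business_application": "PAYROLL", "partial": False},
    {"name": "svc-hr-sync", "business_application": "", "partial": True},
    {"name": "svc-hr-export", "business_application": "", "partial": True},
    {"name": "Payroll Jobs", "business_application": "PAYROLL", "partial": False},
]
ACCOUNTS = [
    {"account": "svc-atm-01", "application": "ATM", "identity": "Automated Teller"},
    {"account": "svc-atm-02", "application": "ATM", "identity": "Payroll Batch"},
    {"account": "svc-hr-sync", "application": "HR", "identity": "svc-hr-sync"},
    {"account": "svc-hr-export", "application": "HR", "identity": "svc-hr-export"},
    {"account": "bot-report", "application": "BI", "identity": None},
]


def audit(identities, accounts):
    """Return findings a reviewer should resolve before trusting the grouping."""
    by_name = {i["name"]: i for i in identities}
    findings = {"duplicate_business_application": [], "miscorrelated": [],
                "uncorrelated": [], "partials_to_consolidate": {}}

    # The Business Application value is meant to be unique per machine identity.
    names_by_app = defaultdict(list)
    for ident in identities:
        if ident["business_application"]:
            names_by_app[ident["business_application"]].append(ident["name"])
    findings["duplicate_business_application"] = sorted(
        app for app, names in names_by_app.items() if len(names) > 1)

    partial_apps = defaultdict(list)
    for acct in accounts:
        ident = by_name.get(acct["identity"])
        if ident is None:
            findings["uncorrelated"].append(acct["account"])
        elif ident["partial"]:
            partial_apps[acct["application"]].append(ident["name"])
        elif ident["business_application"] != acct["application"]:
            findings["miscorrelated"].append(acct["account"])

    # Several partial identities for one application: candidates for one
    # manually created machine identity.
    findings["partials_to_consolidate"] = {
        app: sorted(names) for app, names in partial_apps.items() if len(names) > 1}
    return findings
```

Calling `audit(IDENTITIES, ACCOUNTS)` on the sample data flags one duplicated Business Application value, one account correlated to the wrong machine identity, one uncorrelated account, and two partial identities that belong to the same application.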