Skip to content

Updating Emergency Access Administrators

Emergency access administrators can log into a system experiencing connectivity problems and make changes. These admins are listed in an identity profile that uses a flat file source as its account source. Different types of users can be listed in a flat file source, however, users who are admins listed in a flat file source have special emergency access admin privileges. Emergency access admins can sign in when your site is having connectivity problems because they come from a flat file source, so they can troubleshoot and repair problems.

When you first gain access to your orgs, you're granted one emergency access administrator. Add more emergency access administrators or remove those you've previously added, by editing the file that contains emergency access administrator identity information.

Prerequisites:

  • SailPoint has created your org and given you access to an initial administrator account.
  • At least one identity profile exists with a flat file account source.

Updating Emergency Access Administrators List

Download the emergency access administrator file to add, remove, or update information in the file.

To download the list of emergency access administrators:

  1. Go to Admin > Connections > Sources and select the IdentityNow Administrators source.

  2. Select Accounts and ensure User Accounts in the left panel is selected.

  3. Select the CSV icon to download the current list of emergency access administrators.

  4. Unzip and open the file.

  5. Review the flat file containing the list of administrators. Identity information for each administrator has one row under each column header. Column headers match the attributes available for each identity.

  6. Update, add, or remove rows for each administrator as needed. Do not add or remove any column headers. Save the CSV file on your drive.

    Important

    • When this file is uploaded, the identities provided are used as the complete set of emergency access admins for the site. Removing an account from this file and uploading the file removes that identity from IdentityNow.
    • Do not include the SailPoint Support identities slpt.support or slpt.services in this file. These identities are used to allow the SailPoint support team to troubleshoot your site. To grant or disable access to these identities, visit Granting Support Access to Your Site.
    • Do not delete the slpt.support or slpt.services identities from your site. If these accounts are deleted, SailPoint Support might be unable to sign in to your site to help with implementation or troubleshooting.

  7. Select the Import Data tab on the IdentityNow Admin's source to upload the edited emergency access administrator list.

  8. Select Import at the bottom of the Import Accounts panel and select the CSV file you saved to your drive.

When the import is successfully uploaded, you'll see the upload date and time and a Success status.

Setting Up Emergency Access Administrators in IdentityNow

After adding users to the emergency access admins flat file, grant them admin access.

  1. Go to Admin > Identity Management > Identities and find the identities you have designated as emergency access administrators.
  2. Select Actions > Set User Levels.
  3. Enable the toggle for the Admin user level and select Save.

Inviting New Emergency Access Administrators to IdentityNow

Invite new emergency access admins who are also new IdentityNow users to IdentityNow. Refer to Inviting Users to Register with IdentityNow for instructions.