Getting Started in IdentityNow
Welcome to IdentityNow!
To get the most out of SailPoint's SaaS offerings, review the following information about setting up your site for the first time.
Add Initial Administrators
Before you can begin setting up your site, you'll need one or more emergency access administrators.
-
Updating Emergency Access Administrators
Emergency access administrators can sign in to your site even if your connectivity is interrupted, which allows them to make changes and troubleshoot your site to get it working again. When you're first given access to your IdentityNow instance, SailPoint has already created one of these administrators for you, which you'll use to sign in and add more admins.
Don't forget to configure one or more strong authentication methods for these users.
Loading Data
IdentityNow manages your identity and access data, but that data comes from sources. You can connect those sources to IdentityNow and link together accounts that belong to the same person in the form of an identity.
-
If you want to directly connect to any of your sources to load account data, you'll need a virtual appliance (VA). Virtual appliances allow you to connect your sources to IdentityNow without compromising your firewall.
Creating Identities
An identity serves as a way to store all of a user's account and access data in a single place.
-
Many organizations have a few sources that, together, have records for every user in the organization. These might be HR or directory sources, and they should be created first so that their data is considered the highest priority. You can create other sources later.
Review our supported sources so you can choose the best sources for your environment.
-
Creating an identity profile turns a source into an authoritative source. It also means that any accounts aggregated from this source become identities, and any other accounts aggregated for those users can be associated with their identities.
-
Load accounts from those sources. This is also known as an aggregation.
Loading Other Account and Access Data
Once you've created the identities for your organization, you can add information about their other accounts and access.
-
Configure connections to the rest of the sources in your environment and load accounts from those sources.
-
Correlate Accounts to Identities
Each account you aggregate can be associated with one of the identities you created earlier, so all of their accounts and access can be viewed in one place.
-
Aggregate the access data from each of your sources so that those entitlements can be managed.
Configure Security Settings
You'll want to make sure that every time an identity in your site signs in, they're the right person and they're allowed to do so. You can configure any or all of the following measures to help keep your site safer:
-
Strong authentication, sometimes called multifactor authentication, requires users to prove their identity before they can perform certain tasks such as changing their password.
-
Configure Network and Location Settings
You can block or allow users who are signing in from specific locations or from outside of your network.
-
Decide how many times a user can enter an incorrect password before they're locked out of the system.
-
Decide how long a user can stay signed in to IdentityNow without reauthenticating, and how long they can be idle before they're signed out.
Configure IdentityNow's Cloud Services
Now that the framework of your IdentityNow site has been set up, review the documentation about each cloud service you've subscribed to for more information about configuring each feature.
You can track the status of IdentityNow and its services at status.sailpoint.com.
You can also review the documentation for some of SailPoint's other products that can be integrated with IdentityNow.
Inviting Users
Finally, if you've decided that your users should have access to IdentityNow to review certifications, manage their passwords, or complete other tasks, you can invite them to IdentityNow.
After you've completed your initial setup, you're ready to dive into the more detailed aspects of managing identities and governing their access.