Skip to content

Configuring Sources

Identity Security Cloud collects information about your users' system accounts and their associated access so they can be governed.

You will use sources to load user data from applications, databases, or directory management systems into Identity Security Cloud. SailPoint provides connectors to collect user accounts and access rights from those systems and associate them with the source definition.

A source can be added through a direct connection using a connector or a flat file feed using a .csv file:

  • A direct connection is a method of communicating directly between a source server and Identity Security Cloud. You'll use connectors to provide connection information specific to the source.
  • A flat file feed is a .csv file that contains the relevant information about the accounts you want to add.

Note

By default, new sources are read-only. Deep governance capabilities like provisioning must be manually enabled in the source's Base Configuration. This cannot be undone.

When you have completed your connection, you can aggregate, or load data, from your connected systems.

Configuring a Source

You must provide basic details and authentication information to connect to your source systems. You can do this through the Standard Setup, or depending on the source type, you might be able to configure the source by providing minimal configurations through Express Setup.

Note

Sources with the Quick Compliance badge use read-only connections and support account and entitlement aggregation only. They can be set up using Express Setup or Standard Setup but cannot be used for provisioning.

Configuring a Source Using Standard Setup

  1. Go to Admin > Connections > Sources.

  2. Select Create New.

  3. Search for a source type and select Configure or Actions > Standard Setup.

  4. Enter a unique name and description for the source to help admins differentiate it from others.

  5. Select a source owner who will be responsible for the system.
  6. Choose whether you will be connecting directly to the source system or using a file-based representation of its data.
  7. For direct connect, select a virtual appliance cluster with connectivity to the source.
  8. (Optional) Select a governance group to grant its members source or role sub-admin level oversight of the source and its access.

  9. If this source represents a primary system containing your organization's personnel records, select the Authoritative Source checkbox.

    • You must create identity profiles for the authoritative source to create identities from the source data. Ensure the correlation logic for this source will match the source accounts to the correct identities.

  10. Select Continue to go to the source configuration page.

  11. For sources that support deep governance, select Enable Provisioning in the Base Configuration page to enable provisioning actions. This cannot be undone.

The remaining source configuration details depend on the source type and connection type.

If you choose a flat file connection type for a source type, you will import a .csv file with your source data. If there is not a predefined connector for the source, you can use the Delimited File and Generic source types.

After you complete and save your source configuration, you can manually aggregate account information as needed or schedule account aggregations from direct connect sources on a regular basis.

Configuring a Source Using Express Setup

If a source type supports Express Setup, you can quickly create a read-only connection to your target system by providing minimal configurations and authentication.

  1. Go to Admin > Connections > Sources.

  2. Select Create New.

  3. Search for a source type and select Actions > Express Setup.

  4. Review the directions and select Start Express Setup.

  5. Review the pre-populated connector name, owner, and description. Select Next.
  6. Provide the required authentication like the Base URL and API Token.
  7. Select Finish.
  8. You will be prompted to start an aggregation to load data from the source system or exit the setup.

Tip

If you want to provide additional configurations after using Express Setup, you can edit the source after creation.

Enabling Provisioning on a Read-Only Source

Some sources can support both read-only and deep governance configurations. If you've configured a supported source to perform read-only actions, you can convert it into a deep governance source capable of changing users' access to systems and data in your enterprise.

  1. Go to Admin > Connections > Sources.
  2. Select the source you configured as read only.

  3. In Base Configuration, select Enable Provisioning.

    Caution

    Converting a read-only source to deep governance cannot be undone.

You can now configure the source to perform provisioning actions.

Note

Sources with the Quick Compliance badge support read-only operations and cannot be used for provisioning.

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.