Rewriting URLs The problem Let’s say you’ve written a custom SailPoint IdentityIQ (IIQ) plugin that exposes a plugin page. By default, plugins in IIQ have a technical-looking URL, like this: https://iiqdemo.example.com/identityiq/plugins/pluginPage.jsf?pn=PluginName. That’s both too much and too little information for an end user. If your page consumes Angular state, it might have an even uglier…
Continuing the discussion from In Sync & Secure: CI/CD Design Challenges and Considerations: Phase 1 of the DevOps solution standup process focuses on the many pre-deployment tests you can run to prevent issues from reaching your IdentityIQ environment and can leverage both SailPoint and custom tooling to meet your testing needs. Phase 1 also acts…
The minimum viable product of every DevOps solution is to reliably deploy an application in an automated fashion without any developer interaction (outside of optionally clicking a start button). Regardless of what pipeline platform you have available, your first consideration will be to follow a “push” or “pull” methodology for your pipeline. In the scenario…
With Navigate around the corner, we felt now would be an opportune time to share our journey and experiences in implementing robust DevOps processes within our clients’ diverse environments. The world of Information Security is constantly evolving, and as a result, so are the tools and methodologies used to manage and automate security processes. As…
Identity Works LLC has been in the field for decades working across all verticals, but we often find ourselves working with colleges and universities. Over the years, we have solved many of the complex challenges with multi-personas and access policies that exist in higher education. We frequently hear “our setup is unique, we have this homegrown…
Have you ever needed to query data directly from your IIQ database for reporting? Have you ever wanted to test a SailPoint filter or HQL query before you used it in a role membership rule? Have you ever wondered why your IIQ Filters behave the way they do? Have you ever needed a Filter String…
SailPoint IdentityIQ ships with a variety of historical and audit logging. Aggregation jobs can save a snapshot of an Identity containing all of its attributes and accounts so an admin can refer to it later. You can view the history of lifecycle events for an Identity. You can view certification information. You can view historical…
IdentityWorks is pleased to announce the availability of the “public subset” of our feature-rich IIQCommon library, which you can find at: https://git.identityworksllc.com/pub/iiqcommon IIQCommon is a utility library used in virtually all of our SailPoint IdentityID installations and plugins. Some of the utilities included in this library are documented below. Utilities A whole slew of convenience…
The SailPoint IIQ user interface is far more user-friendly and reliable than the interface of competing identity managers. However, from time to time, it still encounters limitations. IdentityWorksLLC has created an IIQ plugin, the UI Enhancer, to insert many useful features and security enhancements to the existing user interface, filling in the gaps. Contact IdentityWorksLLC if…
When creating business logic for a connector in SailPoint IdentityIQ, it is sometimes necessary to run a Powershell script “out of band” (i.e. from a Workflow or Run Rule task). This is not well-suited to the Before/After model used by IQService connectors. In this article, I will go through how the IQService invokes Powershell and how…
