SlideShare a Scribd company logo

Introduction to SailPoint Integration

S
sesametechnologies

You can integrate SailPoint with Privileged Access Manager in two ways: SailPoint STI (Simple Table Integration) STI is an extensive SailPoint-specific integration, with configuration required on both sides, resulting in automatic synchronization and workflow. This option requires an integration license option. See the following STI Setup section. SCIM (System for Cross-domain Identity Management) SCIM is an application-level REST protocol for managing user identity data between

Education
1 of 5
Download to read offline
Introduction to SailPoint Integration Integrate with SailPoint You can integrate SailPoint with Privileged Access Manager in two ways: SailPoint STI (Simple Table Integration) STI is an extensive SailPoint-specific integration, with configuration required on both sides, resulting in automatic synchronization and workflow. This option requires an integration license option. See the following STI Setup section. SCIM (System for Cross-domain Identity Management) SCIM is an application-level REST protocol for managing user identity data between domains. Want To Get SailPoint Training From Experts? Enroll Now For Free Demo SailPoint Training. Clustering When Privileged Access Manager is clustered, users should connect to the cluster Primary Site VIP rather than an individual server. The VIP address provides availability in case the server that was originally configured for SailPoint is unavailable. STI Setup Privileged Access Manager populates SailPoint integration tables with Privileged Access Manager Users (with current Role and User Group assignments), Roles, and User Groups. Privileged Access Manager Roles and User Groups are imported by SailPoint to be defined as Entitlements. Privileged Access Manager Users are imported and made into IdentityIQ Users in SailPoint. Whenever changes occur within Privileged Access Manager, these tables are updated on a configurable interval. Privileged Access Manager Configuration For the SailPoint configuration options to appear, the SailPoint integration option must be licensed. SailPoint STI uses port 3306 to communicate with PAM. To configure SailPoint integration in Privileged Access Manager, follow these steps: Go to Configuration, 3rd Party, SailPoint. Enter the Database User, and Database Password. The password is used in SailPoint configuration, which follows. Set the Update Interval, in seconds. This value determines how often Privileged Access Manager checks for incoming SailPoint requests, exports relevant data to SailPoint. For SailPoint Whitelist, enter at least one SailPoint server address. These addresses are the only connections to allow for SailPoint integration. Valid entries are IP address, hostname, and FQDN values. Select Save to save your settings.
Select Install to set up the SailPoint integration Tables. The installation is only done once. This button is enabled if SailPoint is licensed, and disabled again once the installation is complete. Select Download to acquire a zip file of the Privileged Access Manager SailPoint application. Use this file during the configuration of the SailPoint side of the integration. Unzip this file and save CAPamConfiguration.xml in a location accessible by your SailPoint application. The Import button is optional. You can manually direct Privileged Access Manager to read the provisioning queue. Import is also automatically done according to the Update Interval setting. The Export button is optional. You can manually direct Privileged Access Manager to populate the SailPoint tables. Export is also automatically done according to the Update Interval setting. SailPoint Configuration Before you configure the integration in SailPoint IdentityIQ, ensure that these prerequisites are met: Install the LCM (Lifecycle Manager) module for SailPoint Install the STI (Simple Table Integration) integration for SailPoint To configure the integration in SailPoint, follow these steps: In SailPoint IdentityIQ, select the configuration gear icon and select Global Settings. The Global Settings page appears. Select the Import from File option in the lower right. Select Choose File under Import Objects. Select CAPamConfiguration.xml, which you downloaded during the Privileged Access Manager configuration. Select Import. Under Applications, Application Definitions, select the CAPam application. The Edit Application CAPam page appears. Select the Configuration tab. Under Settings, enter the correct Connection Password, which was not provided in the configuration XML file. This password is the password that you entered in step 2 of Privileged Access Manager Configuration. Scroll down to Object Type: usergroup. Under Settings, enter the correct Connection Password. Scroll down to Object Type: role. Under Settings, enter the correct Connection Password. Scroll down to Object Type: group. Under Settings, enter the correct Connection Password. Scroll to the bottom of the page and select Test Connection. "Test successful" appears. If not, edit the passwords. Select Save to save your changes. For your specific SailPoint IdentityIQ configuration, you can change the default provisioning policies that are provided by Privileged Access Manager. Inspect these settings to determine if you must change them. Under Configuration, select Provisioning Policies. Under Object Type: account, for the Create Type, select User. The Attributes for User appear. Select an Attribute, such as lastName. See Operations and Attributes for a list of the supported operations and attributes. The Edit Options appear on the right.
Select Value Settings. The value for lastName can be a static Value, be Dependent, be determined by a Script, or be determined by a Rule. If you want to save you changes, select Save. On the Edit Application CAPam, Password Policy page, configure a default password policy that follows the default password policy set for Privileged Access Manager users. Operations and Attributes The following operations and attributes are supported for SailPoint integration. The listed attributes must be associated with a rule or value in a Provisioning Policy in the SailPoint CAPam application for attributes to sync. The CAPam application is configured with some default values, but clients might need to adjust these settings. Create a User To create a user with the "local" authType, all the listed attributes are required. To create a user with the "cac" authType, none of the listed attributes are required. firstName: User first name lastName: User last name email: User email address password: User password authType: supported values are local or cac (for smartcard users) IIQDisabled: true if user is disabled, or false if user is enabled Roles and User Groups are assigned as Entitlements. Modify a User To modify a user, all attributes are optional. firstName: User first name lastName: User last name email: User email address password: User password authType: supported values are local or cac (for smartcard users) IIQDisabled: true if user is disabled, or false if user is enabled Roles and User Groups are assigned or removed as Entitlements. Delete a User No attributes Aggregation Tasks As part of the CAPam application setup in SailPoint, aggregation tasks are defined to SailPoint to collect the user and entitlement data from Privileged Access Manager. These tasks should be scheduled to execute regularly to keep this data in sync with Privileged Access Manager. Follow these steps: From the main SailPoint menu, select Setup, Tasks.
Two Tasks are set up by the initial configuration: CAPam Account Aggregation regularly reads the Privileged Access Manager User table to keep in sync with Users and their entitlements CAPam Group Aggregation reads Privileged Access Manager User Roles and Groups and creates SailPoint Entitlements from them. To schedule a task, right‐click and select Schedule from the drop‐down list to display the New Schedule dialog. Select the Scheduled Tasks tab to edit schedules. You can select the Run Now box on the Edit Schedule tab to run the Task immediately. To see a list of SailPoint entitlements, go to the main menu, Applications, Entitlement Catalog. Workflow Example Once everything is configured in Privileged Access Manager and SailPoint IdentityIQ, the following example of the integration workflow is valid. This example shows a SailPoint user making a provisioning request for a Privileged Access Manager user. In SailPoint, go to Home, and select Manage User Access. An IdentityIQ user list appears under the Select Users tab. Select a User and select the Manage Access tab. Select Filters on the right. The Filter Access panel appears. From the Entitlement Application drop-down list, select CAPam, and Apply. The Roles and User Groups that are imported from Privileged Access Manager appear as Entitlements. Select a User Group or Role as an Entitlement. Select the Review tab at the top of the page. If the listed Add Access Entitlements are correct, select Submit at the bottom of the page. The Home page appears with a Success message at the top of the page. SailPoint send this data to Privileged Access Manager as a provisioning request. In Privileged Access Manager, go to Users, Manage Users, and find the new (or updated) User. The User should have the matching information, including Roles and Groups, as applicable. The User should be able to log in to Privileged Access Manager with the appropriate entitlements. An Aggregation Task runs in SailPoint, reading the information in the Privileged Access Manager integration tables, This Task closes the loop on the operation. Activity Log The Activity Log displays information about every action pertaining to the SailPoint integration. Create, delete, and update actions, their source, time, and results are listed. To view the Activity Log, follow these steps: Go to Configuration, 3rd Party, SailPoint. Select the Activity Log tab. The log table is sortable by clicking column headings. You can filter data using the controls above the headings. The Info column provides error messages, if applicable.
Content feedback and comments If you want to know more about integration visit this blog SailPoint Integration

Recommended

Winter24-Welly Release Overview - Stephen Stanley.pdf
Winter24-Welly Release Overview - Stephen Stanley.pdfWinter24-Welly Release Overview - Stephen Stanley.pdf
Winter24-Welly Release Overview - Stephen Stanley.pdfAnna Loughnan Colquhoun
 
Administration settings
Administration settingsAdministration settings
Administration settingsSyAM Software
 
SuiteCRM Customer Portal
SuiteCRM Customer PortalSuiteCRM Customer Portal
SuiteCRM Customer PortalAppJetty
 
Summer23-Welly Release Highlights - Stephen Stanley.pdf
Summer23-Welly Release Highlights - Stephen Stanley.pdfSummer23-Welly Release Highlights - Stephen Stanley.pdf
Summer23-Welly Release Highlights - Stephen Stanley.pdfAnna Loughnan Colquhoun
 
Client deployment
Client deploymentClient deployment
Client deploymentSyAM Software
 
Leverage StandardSetController in Apex and Visualforce
Leverage StandardSetController in Apex and VisualforceLeverage StandardSetController in Apex and Visualforce
Leverage StandardSetController in Apex and VisualforceSalesforce Developers
 
MageMob Cart Android & iOS Application
MageMob Cart Android & iOS ApplicationMageMob Cart Android & iOS Application
MageMob Cart Android & iOS ApplicationAppJetty
 
Oracle BPM 11g Lesson 2
Oracle BPM 11g Lesson 2Oracle BPM 11g Lesson 2
Oracle BPM 11g Lesson 2Rakesh Gujjarlapudi
 

Recommended

Winter24-Welly Release Overview - Stephen Stanley.pdf
Winter24-Welly Release Overview - Stephen Stanley.pdfWinter24-Welly Release Overview - Stephen Stanley.pdf
Winter24-Welly Release Overview - Stephen Stanley.pdfAnna Loughnan Colquhoun
 
Administration settings
Administration settingsAdministration settings
Administration settingsSyAM Software
 
SuiteCRM Customer Portal
SuiteCRM Customer PortalSuiteCRM Customer Portal
SuiteCRM Customer PortalAppJetty
 
Summer23-Welly Release Highlights - Stephen Stanley.pdf
Summer23-Welly Release Highlights - Stephen Stanley.pdfSummer23-Welly Release Highlights - Stephen Stanley.pdf
Summer23-Welly Release Highlights - Stephen Stanley.pdfAnna Loughnan Colquhoun
 
Client deployment
Client deploymentClient deployment
Client deploymentSyAM Software
 
Leverage StandardSetController in Apex and Visualforce
Leverage StandardSetController in Apex and VisualforceLeverage StandardSetController in Apex and Visualforce
Leverage StandardSetController in Apex and VisualforceSalesforce Developers
 
MageMob Cart Android & iOS Application
MageMob Cart Android & iOS ApplicationMageMob Cart Android & iOS Application
MageMob Cart Android & iOS ApplicationAppJetty
 
Oracle BPM 11g Lesson 2
Oracle BPM 11g Lesson 2Oracle BPM 11g Lesson 2
Oracle BPM 11g Lesson 2Rakesh Gujjarlapudi
 
Manually set up ALM accelerator for Power Platform components
Manually set up ALM accelerator for Power Platform componentsManually set up ALM accelerator for Power Platform components
Manually set up ALM accelerator for Power Platform componentsfaisal razzaq
 
Orangescrum Client management Add on User Manual
Orangescrum Client management Add on User ManualOrangescrum Client management Add on User Manual
Orangescrum Client management Add on User ManualOrangescrum
 
Cis407 a ilab 6 web application development devry university
Cis407 a ilab 6 web application development devry universityCis407 a ilab 6 web application development devry university
Cis407 a ilab 6 web application development devry universitylhkslkdh89009
 
Best Practices for Scalable Monitoring (ENT310-S) - AWS re:Invent 2018
Best Practices for Scalable Monitoring (ENT310-S) - AWS re:Invent 2018Best Practices for Scalable Monitoring (ENT310-S) - AWS re:Invent 2018
Best Practices for Scalable Monitoring (ENT310-S) - AWS re:Invent 2018Amazon Web Services
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfAnna Loughnan Colquhoun
 
Sage CRM 7.2 Patch Release Notes (Patch E June 2014)
Sage CRM 7.2 Patch Release Notes (Patch E June 2014)Sage CRM 7.2 Patch Release Notes (Patch E June 2014)
Sage CRM 7.2 Patch Release Notes (Patch E June 2014)Sundae Solutions Co., Ltd.
 
Magento 2 Import Export Product Attributes Extension
Magento 2 Import Export Product Attributes ExtensionMagento 2 Import Export Product Attributes Extension
Magento 2 Import Export Product Attributes ExtensionMageAnts
 
Saml sap netweaver_fiori
Saml sap netweaver_fioriSaml sap netweaver_fiori
Saml sap netweaver_fioriNagendra Babu
 
Salesforce Miami User Group Event - WrapUp
Salesforce Miami User Group Event - WrapUpSalesforce Miami User Group Event - WrapUp
Salesforce Miami User Group Event - WrapUpSkyPlanner
 
Magento Mobile App Builder, Mobile App For Magento Ecommerce Store - AppJetty
Magento Mobile App Builder, Mobile App For Magento Ecommerce Store - AppJettyMagento Mobile App Builder, Mobile App For Magento Ecommerce Store - AppJetty
Magento Mobile App Builder, Mobile App For Magento Ecommerce Store - AppJettyAppJetty
 
Feedback Pro Extension - User Guide
Feedback Pro Extension - User GuideFeedback Pro Extension - User Guide
Feedback Pro Extension - User GuideBiztech Store
 
Salesforce Winter ’23 Release Highlights
Salesforce Winter ’23 Release HighlightsSalesforce Winter ’23 Release Highlights
Salesforce Winter ’23 Release HighlightsSkyPlanner
 
Summer ‘14 Release Training by Astrea
Summer ‘14 Release Training by AstreaSummer ‘14 Release Training by Astrea
Summer ‘14 Release Training by Astreapriyanshi_astrea
 
Configuration manager
Configuration managerConfiguration manager
Configuration managerRaghu nath
 
ClearPass Insight 6.3 User Guide
ClearPass Insight 6.3 User GuideClearPass Insight 6.3 User Guide
ClearPass Insight 6.3 User GuideAruba, a Hewlett Packard Enterprise company
 
Business Process Implementation
Business Process ImplementationBusiness Process Implementation
Business Process ImplementationMustafa Jarrar
 
Cpq basics bycesaribeiro
Cpq basics bycesaribeiroCpq basics bycesaribeiro
Cpq basics bycesaribeiroCMR WORLD TECH
 
Winter 24 Highlights.pdf
Winter 24 Highlights.pdfWinter 24 Highlights.pdf
Winter 24 Highlights.pdfPatrickYANG48
 
Training
TrainingTraining
TrainingRevolucion
 
Actonic GDPR Tools for Jira
Actonic GDPR Tools for JiraActonic GDPR Tools for Jira
Actonic GDPR Tools for JiraActonic App Doc
 
Quarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up FridayQuarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up FridayMakMakNepo
 
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxGrade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxChelloAnnAsuncion2
 

More Related Content

Similar to Introduction to SailPoint Integration

Manually set up ALM accelerator for Power Platform components
Manually set up ALM accelerator for Power Platform componentsManually set up ALM accelerator for Power Platform components
Manually set up ALM accelerator for Power Platform componentsfaisal razzaq
 
Orangescrum Client management Add on User Manual
Orangescrum Client management Add on User ManualOrangescrum Client management Add on User Manual
Orangescrum Client management Add on User ManualOrangescrum
 
Cis407 a ilab 6 web application development devry university
Cis407 a ilab 6 web application development devry universityCis407 a ilab 6 web application development devry university
Cis407 a ilab 6 web application development devry universitylhkslkdh89009
 
Best Practices for Scalable Monitoring (ENT310-S) - AWS re:Invent 2018
Best Practices for Scalable Monitoring (ENT310-S) - AWS re:Invent 2018Best Practices for Scalable Monitoring (ENT310-S) - AWS re:Invent 2018
Best Practices for Scalable Monitoring (ENT310-S) - AWS re:Invent 2018Amazon Web Services
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfAnna Loughnan Colquhoun
 
Sage CRM 7.2 Patch Release Notes (Patch E June 2014)
Sage CRM 7.2 Patch Release Notes (Patch E June 2014)Sage CRM 7.2 Patch Release Notes (Patch E June 2014)
Sage CRM 7.2 Patch Release Notes (Patch E June 2014)Sundae Solutions Co., Ltd.
 
Magento 2 Import Export Product Attributes Extension
Magento 2 Import Export Product Attributes ExtensionMagento 2 Import Export Product Attributes Extension
Magento 2 Import Export Product Attributes ExtensionMageAnts
 
Saml sap netweaver_fiori
Saml sap netweaver_fioriSaml sap netweaver_fiori
Saml sap netweaver_fioriNagendra Babu
 
Salesforce Miami User Group Event - WrapUp
Salesforce Miami User Group Event - WrapUpSalesforce Miami User Group Event - WrapUp
Salesforce Miami User Group Event - WrapUpSkyPlanner
 
Magento Mobile App Builder, Mobile App For Magento Ecommerce Store - AppJetty
Magento Mobile App Builder, Mobile App For Magento Ecommerce Store - AppJettyMagento Mobile App Builder, Mobile App For Magento Ecommerce Store - AppJetty
Magento Mobile App Builder, Mobile App For Magento Ecommerce Store - AppJettyAppJetty
 
Feedback Pro Extension - User Guide
Feedback Pro Extension - User GuideFeedback Pro Extension - User Guide
Feedback Pro Extension - User GuideBiztech Store
 
Salesforce Winter ’23 Release Highlights
Salesforce Winter ’23 Release HighlightsSalesforce Winter ’23 Release Highlights
Salesforce Winter ’23 Release HighlightsSkyPlanner
 
Summer ‘14 Release Training by Astrea
Summer ‘14 Release Training by AstreaSummer ‘14 Release Training by Astrea
Summer ‘14 Release Training by Astreapriyanshi_astrea
 
Configuration manager
Configuration managerConfiguration manager
Configuration managerRaghu nath
 
Business Process Implementation
Business Process ImplementationBusiness Process Implementation
Business Process ImplementationMustafa Jarrar
 
Cpq basics bycesaribeiro
Cpq basics bycesaribeiroCpq basics bycesaribeiro
Cpq basics bycesaribeiroCMR WORLD TECH
 
Winter 24 Highlights.pdf
Winter 24 Highlights.pdfWinter 24 Highlights.pdf
Winter 24 Highlights.pdfPatrickYANG48
 
Actonic GDPR Tools for Jira
Actonic GDPR Tools for JiraActonic GDPR Tools for Jira
Actonic GDPR Tools for JiraActonic App Doc
 

Similar to Introduction to SailPoint Integration (20)

Manually set up ALM accelerator for Power Platform components
Manually set up ALM accelerator for Power Platform componentsManually set up ALM accelerator for Power Platform components
Manually set up ALM accelerator for Power Platform components
 
Orangescrum Client management Add on User Manual
Orangescrum Client management Add on User ManualOrangescrum Client management Add on User Manual
Orangescrum Client management Add on User Manual
 
Cis407 a ilab 6 web application development devry university
Cis407 a ilab 6 web application development devry universityCis407 a ilab 6 web application development devry university
Cis407 a ilab 6 web application development devry university
 
Best Practices for Scalable Monitoring (ENT310-S) - AWS re:Invent 2018
Best Practices for Scalable Monitoring (ENT310-S) - AWS re:Invent 2018Best Practices for Scalable Monitoring (ENT310-S) - AWS re:Invent 2018
Best Practices for Scalable Monitoring (ENT310-S) - AWS re:Invent 2018
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdf
 
Sage CRM 7.2 Patch Release Notes (Patch E June 2014)
Sage CRM 7.2 Patch Release Notes (Patch E June 2014)Sage CRM 7.2 Patch Release Notes (Patch E June 2014)
Sage CRM 7.2 Patch Release Notes (Patch E June 2014)
 
Magento 2 Import Export Product Attributes Extension
Magento 2 Import Export Product Attributes ExtensionMagento 2 Import Export Product Attributes Extension
Magento 2 Import Export Product Attributes Extension
 
Saml sap netweaver_fiori
Saml sap netweaver_fioriSaml sap netweaver_fiori
Saml sap netweaver_fiori
 
Salesforce Miami User Group Event - WrapUp
Salesforce Miami User Group Event - WrapUpSalesforce Miami User Group Event - WrapUp
Salesforce Miami User Group Event - WrapUp
 
Magento Mobile App Builder, Mobile App For Magento Ecommerce Store - AppJetty
Magento Mobile App Builder, Mobile App For Magento Ecommerce Store - AppJettyMagento Mobile App Builder, Mobile App For Magento Ecommerce Store - AppJetty
Magento Mobile App Builder, Mobile App For Magento Ecommerce Store - AppJetty
 
Feedback Pro Extension - User Guide
Feedback Pro Extension - User GuideFeedback Pro Extension - User Guide
Feedback Pro Extension - User Guide
 
Salesforce Winter ’23 Release Highlights
Salesforce Winter ’23 Release HighlightsSalesforce Winter ’23 Release Highlights
Salesforce Winter ’23 Release Highlights
 
Summer ‘14 Release Training by Astrea
Summer ‘14 Release Training by AstreaSummer ‘14 Release Training by Astrea
Summer ‘14 Release Training by Astrea
 
Configuration manager
Configuration managerConfiguration manager
Configuration manager
 
ClearPass Insight 6.3 User Guide
ClearPass Insight 6.3 User GuideClearPass Insight 6.3 User Guide
ClearPass Insight 6.3 User Guide
 
Business Process Implementation
Business Process ImplementationBusiness Process Implementation
Business Process Implementation
 
Cpq basics bycesaribeiro
Cpq basics bycesaribeiroCpq basics bycesaribeiro
Cpq basics bycesaribeiro
 
Winter 24 Highlights.pdf
Winter 24 Highlights.pdfWinter 24 Highlights.pdf
Winter 24 Highlights.pdf
 
Training
TrainingTraining
Training
 
Actonic GDPR Tools for Jira
Actonic GDPR Tools for JiraActonic GDPR Tools for Jira
Actonic GDPR Tools for Jira
 

Recently uploaded

Quarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up FridayQuarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up FridayMakMakNepo
 
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxGrade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxChelloAnnAsuncion2
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxEyham Joco
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceSamikshaHamane
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfphamnguyenenglishnb
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomnelietumpap1
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPCeline George
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfSpandanaRallapalli
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designMIPLM
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...Nguyen Thanh Tu Collection
 

Recently uploaded (20)

Quarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up FridayQuarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up Friday
 
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxGrade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptx
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in Pharmacovigilance
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choom
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERP
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdf
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-design
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
 

Introduction to SailPoint Integration

  • 1. Introduction to SailPoint Integration Integrate with SailPoint You can integrate SailPoint with Privileged Access Manager in two ways: SailPoint STI (Simple Table Integration) STI is an extensive SailPoint-specific integration, with configuration required on both sides, resulting in automatic synchronization and workflow. This option requires an integration license option. See the following STI Setup section. SCIM (System for Cross-domain Identity Management) SCIM is an application-level REST protocol for managing user identity data between domains. Want To Get SailPoint Training From Experts? Enroll Now For Free Demo SailPoint Training. Clustering When Privileged Access Manager is clustered, users should connect to the cluster Primary Site VIP rather than an individual server. The VIP address provides availability in case the server that was originally configured for SailPoint is unavailable. STI Setup Privileged Access Manager populates SailPoint integration tables with Privileged Access Manager Users (with current Role and User Group assignments), Roles, and User Groups. Privileged Access Manager Roles and User Groups are imported by SailPoint to be defined as Entitlements. Privileged Access Manager Users are imported and made into IdentityIQ Users in SailPoint. Whenever changes occur within Privileged Access Manager, these tables are updated on a configurable interval. Privileged Access Manager Configuration For the SailPoint configuration options to appear, the SailPoint integration option must be licensed. SailPoint STI uses port 3306 to communicate with PAM. To configure SailPoint integration in Privileged Access Manager, follow these steps: Go to Configuration, 3rd Party, SailPoint. Enter the Database User, and Database Password. The password is used in SailPoint configuration, which follows. Set the Update Interval, in seconds. This value determines how often Privileged Access Manager checks for incoming SailPoint requests, exports relevant data to SailPoint. For SailPoint Whitelist, enter at least one SailPoint server address. These addresses are the only connections to allow for SailPoint integration. Valid entries are IP address, hostname, and FQDN values. Select Save to save your settings.
  • 2. Select Install to set up the SailPoint integration Tables. The installation is only done once. This button is enabled if SailPoint is licensed, and disabled again once the installation is complete. Select Download to acquire a zip file of the Privileged Access Manager SailPoint application. Use this file during the configuration of the SailPoint side of the integration. Unzip this file and save CAPamConfiguration.xml in a location accessible by your SailPoint application. The Import button is optional. You can manually direct Privileged Access Manager to read the provisioning queue. Import is also automatically done according to the Update Interval setting. The Export button is optional. You can manually direct Privileged Access Manager to populate the SailPoint tables. Export is also automatically done according to the Update Interval setting. SailPoint Configuration Before you configure the integration in SailPoint IdentityIQ, ensure that these prerequisites are met: Install the LCM (Lifecycle Manager) module for SailPoint Install the STI (Simple Table Integration) integration for SailPoint To configure the integration in SailPoint, follow these steps: In SailPoint IdentityIQ, select the configuration gear icon and select Global Settings. The Global Settings page appears. Select the Import from File option in the lower right. Select Choose File under Import Objects. Select CAPamConfiguration.xml, which you downloaded during the Privileged Access Manager configuration. Select Import. Under Applications, Application Definitions, select the CAPam application. The Edit Application CAPam page appears. Select the Configuration tab. Under Settings, enter the correct Connection Password, which was not provided in the configuration XML file. This password is the password that you entered in step 2 of Privileged Access Manager Configuration. Scroll down to Object Type: usergroup. Under Settings, enter the correct Connection Password. Scroll down to Object Type: role. Under Settings, enter the correct Connection Password. Scroll down to Object Type: group. Under Settings, enter the correct Connection Password. Scroll to the bottom of the page and select Test Connection. "Test successful" appears. If not, edit the passwords. Select Save to save your changes. For your specific SailPoint IdentityIQ configuration, you can change the default provisioning policies that are provided by Privileged Access Manager. Inspect these settings to determine if you must change them. Under Configuration, select Provisioning Policies. Under Object Type: account, for the Create Type, select User. The Attributes for User appear. Select an Attribute, such as lastName. See Operations and Attributes for a list of the supported operations and attributes. The Edit Options appear on the right.
  • 3. Select Value Settings. The value for lastName can be a static Value, be Dependent, be determined by a Script, or be determined by a Rule. If you want to save you changes, select Save. On the Edit Application CAPam, Password Policy page, configure a default password policy that follows the default password policy set for Privileged Access Manager users. Operations and Attributes The following operations and attributes are supported for SailPoint integration. The listed attributes must be associated with a rule or value in a Provisioning Policy in the SailPoint CAPam application for attributes to sync. The CAPam application is configured with some default values, but clients might need to adjust these settings. Create a User To create a user with the "local" authType, all the listed attributes are required. To create a user with the "cac" authType, none of the listed attributes are required. firstName: User first name lastName: User last name email: User email address password: User password authType: supported values are local or cac (for smartcard users) IIQDisabled: true if user is disabled, or false if user is enabled Roles and User Groups are assigned as Entitlements. Modify a User To modify a user, all attributes are optional. firstName: User first name lastName: User last name email: User email address password: User password authType: supported values are local or cac (for smartcard users) IIQDisabled: true if user is disabled, or false if user is enabled Roles and User Groups are assigned or removed as Entitlements. Delete a User No attributes Aggregation Tasks As part of the CAPam application setup in SailPoint, aggregation tasks are defined to SailPoint to collect the user and entitlement data from Privileged Access Manager. These tasks should be scheduled to execute regularly to keep this data in sync with Privileged Access Manager. Follow these steps: From the main SailPoint menu, select Setup, Tasks.
  • 4. Two Tasks are set up by the initial configuration: CAPam Account Aggregation regularly reads the Privileged Access Manager User table to keep in sync with Users and their entitlements CAPam Group Aggregation reads Privileged Access Manager User Roles and Groups and creates SailPoint Entitlements from them. To schedule a task, right‐click and select Schedule from the drop‐down list to display the New Schedule dialog. Select the Scheduled Tasks tab to edit schedules. You can select the Run Now box on the Edit Schedule tab to run the Task immediately. To see a list of SailPoint entitlements, go to the main menu, Applications, Entitlement Catalog. Workflow Example Once everything is configured in Privileged Access Manager and SailPoint IdentityIQ, the following example of the integration workflow is valid. This example shows a SailPoint user making a provisioning request for a Privileged Access Manager user. In SailPoint, go to Home, and select Manage User Access. An IdentityIQ user list appears under the Select Users tab. Select a User and select the Manage Access tab. Select Filters on the right. The Filter Access panel appears. From the Entitlement Application drop-down list, select CAPam, and Apply. The Roles and User Groups that are imported from Privileged Access Manager appear as Entitlements. Select a User Group or Role as an Entitlement. Select the Review tab at the top of the page. If the listed Add Access Entitlements are correct, select Submit at the bottom of the page. The Home page appears with a Success message at the top of the page. SailPoint send this data to Privileged Access Manager as a provisioning request. In Privileged Access Manager, go to Users, Manage Users, and find the new (or updated) User. The User should have the matching information, including Roles and Groups, as applicable. The User should be able to log in to Privileged Access Manager with the appropriate entitlements. An Aggregation Task runs in SailPoint, reading the information in the Privileged Access Manager integration tables, This Task closes the loop on the operation. Activity Log The Activity Log displays information about every action pertaining to the SailPoint integration. Create, delete, and update actions, their source, time, and results are listed. To view the Activity Log, follow these steps: Go to Configuration, 3rd Party, SailPoint. Select the Activity Log tab. The log table is sortable by clicking column headings. You can filter data using the controls above the headings. The Info column provides error messages, if applicable.
  • 5. Content feedback and comments If you want to know more about integration visit this blog SailPoint Integration