Terms used in SailPoint IIQ

In Sailpoint IIQ, so many terms are used. Here we will see the various terms used in Sailpoint IIQ.

  • Identity: Identity is the object in Sailpoint on which Sailpoint does all the activity like Provisioning, de-provisioning, LCM, Joiner, etc. Identity is key data in Sailpoint.

  • Role: A role is a group of entitlements. The role is made up of various entitlements clubs together.

  • Entitlement: Entitlement is created to give permission to access any application or resource in a limited way like read-access, read-write entitlement. 

  • Group Factory: Group factory applies on the attribute. if we assign a group factory to any attribute, then later that attribute can be used to group the search result. e.g if we make location attribute as group factory, then we can make a filter to see identities from different locations.

  • Joiner: Joiner is a Sailpoint event, that triggers when a new identity is created in Sailpoint.

  • Mover: Mover is a Sailpoint event trigger when an identity change/move from one department to another.

  • Leaver: A leaver is an event that triggers when identity leaves the organization.

  • WorkItem: Workitem is manual actions created and send to appropriate owners to take any action on the request raised by the identities.

  • Workflow/ Business Process: Sailpoint Workflow or business process is the step-by-step execution to perform any task. There are so many Workflows out of the box provided by the Sailpoint like LCM, password, etc.

  • Certification: Certification or Access review is the way to check whether the right identities have the right access at a given point in time. Certifications are generally scheduled periodically to check or validate the right access for identities. e.g. Application certification, Owner certification, manager certification, etc.

  • Identity Creation: Identity creation is the process of creating identities in Sailpoint. Generally, identities are created during the aggregation process or user onboarding.

  • Correlation: Correlation is the concept or logic to correlate the accounts with already created identities in the Sailpoint. Usually, Correlation is done during the aggregation process.

  • Customization: Customization is the process to customize the data before persisting in Sailpoint. Customization is done during the aggregation process.

  • Entitlement Catalog: An entitlement Catalog is a place where entitlements of all the applications are saved. you can see Entitlement Catalog under Applications -> Entitlement Catalog.

  • Tasks: Tasks are like separate modules to perform some operation. Tasks can be scheduled at different intervals of times to perform some action like Aggregation task, Identity Refresh Task, etc.

  • Forms: Forms are used to take input from the user. forms are used at various points like provisioning forms etc.

  • Beanshell: Beanshell is a language that is understood by Sailpoint. Beanshell is used to write Rule, workflow, etc. Beanshell is a combination of java and XML.

  • Aggregation: Aggregation is the process to fetch the data from the Application into Sailpoint. Aggregate generally fetches the account data and entitlement data.

  • Connected Application: Connected Applications are those applications where Sailpoint directly connects with the application to do all operations like provisioning,de-provisioning, etc.  It does not wait to run any task or Scheduler to do these operations. Sailpoint directly connects with the Application 24* example like Active directory.

  • Disconnected Application: Disconnected Applications are reversed to connected ones. they are not connected directly and these types of applications need some extra Tasks or Scheduler to perform the various operations example application is a delimited file connector.

  • RBAC: RBAC is Role-Based Access Control is the way or method used to provide the access according to the Roles automatically.

  • Provisioning: Provisioning means to provide the access to identity on some application.