Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo
back

Identity governance and administration

Certification

search

Certification

Certification

SailPoint certification is a process which allows an organization to generate access reports at required intervals. When SailPoint is certifying access, the SailPoint’s AI-based recommendations appear as a thumbs-up or thumbs-down icon for validation whether the access should be granted or revoked. Once certified, access is automatically adjusted and documented for future audit purpose.

Best suitable certification methods to generate report in respect to the users and their groups accessed in STA is listed below.

To create a Certification Campaign, perform the following steps:

  1. On the SailPoint IdentityIQ admin console, click Setup > Certifications.

    Alt text

  2. On the Certification window, click New Certification > Account Group Membership.

    Alt text

  3. On the Schedule Certification window, underBasic, perform the following steps:

    1. In the Certification Name field, enter a name of your choice. By default, its value is Account Group Membership Certification[${fullDate}].

    2. In the Certification Owner dropdown, select the certification owner.

      Alt text

    3. In the Application(s) field, select the application that you have created in Step 4(a) of Create a Web Services Application. for example,SafeNet.

      Alt text

    4. Ensure that the Certify By Object Type checkbox is selected, and then in add object type field, select <Application> group (for example, SafeNet group).

      Alt text

    5. Select the Run Now checkbox. If you want to run a certification after its creation, choose the execution frequency and set the Start time to schedule it later.

    6. At the bottom, on the right side, click Schedule Certification.

      Alt text

  4. On the Certifications window, the certification status will be displayed as Active.

    Alt text

  5. Click on the certification that you have created in the above Step 3(a).

  6. Under Access Reviews, click the newly created certification.

    Alt text

  7. On the Account Group Membership Access Review for (<SafeNet>) for The Administrator window, click Group By, and then click Account Group

    Alt text

  8. Click Approve or Revoke to take access decision for user access towards the groups.

    Alt text

  9. Click Save <n> Decisions, and then click Sign-Off Decisions. Where <n> represents number of decisions.

    Alt text

After following the above steps, you will be able to certify users and their respective access within SailPoint IdentityIQ.