How can we integrate one identity manager to RSA IGL for deprovisioning activites from reviews.
How can we integrate one identity manager to RSA IGL for deprovisioning activites from reviews.
Hi Durga,
I assume you mean reviews conducted within IGL and the provisioning part via OneIdentity. At one of my customers they have integrated that but their OID deployment hasn't had a REST interface for that back then. so they had IGL write all revoke actions into a seperate database table and OID picked it up from there. Yes, not very straight forward.
Your best way forward is to check if OID offers a REST/SOAP interface to receive change requests, similar to how IGL can receive them from the outside. Then use that interface.
Frank
I am actually working on this very integration as we speak (in progress).
One Identity Manager has a REST API which can be used in by our Generic REST connector. I would suggest you work with the One Identity Manager application team on your end to identify which APIs you will call and which data you will pass in since that will differ from one implementation to another.
https://support.oneidentity.com/technical-documents/identity-manager/8.0/rest-api-reference-guide
Similar to any other integration with a ticketing system or provisioning platform (for example: ServiceNow), make sure your design covers all possible scenarios end-to-end. Otherwise you might end up with a lot of never closing requests or mismatches between requests on both sides. For example: