#nowhiring for multiple positions in USA, CANADA & INDIA  See Open Positions

Sailpoint IdentityIQ – Customized Debug page

Banking

2 Certified Professionals

80 Hours ​

In the current client scenario, applications are being deleted without permission, and the log shows that the Administrator is being used to do so. The client required the prohibition of users with administrator rights from removing items from SailPointIIQ. On the other hand, the preceding workflow needed users with admin privileges. Since the client also wanted to make sure that the developers can access and use the delete functionality for some of the specific tasks.

 

Challenge

  • The challenge was to create multiple debug pages, without modifying any options or permissions. Removing the delete option from the debug page from users with admin privilege was not an option because it was difficult for the developers team to do their job.
  • But at the same time all the tools’ features were to be kept intact while merely removing the delete option from one debug page UI and creating another debug page with full functionality.

 

Solution

  • The primary goal was to create two debug pages (Read-only and Delete), one for the users with administrative privileges, who would not have the delete option, and the other for a group of selected users who actually needed the delete functionality.
  • The team removed the delete option from the Debug page of their on-premise SailPoint IIQ interface by customising several java files and elements within them.
  • Completely removing the delete option from the debug page user interface allowed the team to prevent users with administrator privileges from deleting object files from the debug page.
  • After creating a second debug page with delete functionality, we added an authentication mechanism to act as an extra layer of security that will restrict access to only certain users

 

Result

  • This solution prevented unauthorised users from deleting objects stored in the database.
  • Any objects, like applications, rules, and identities, can be deleted only by specific users (developers).
  • Even if a user has admin privilege, he still needs to be part of the restricted group to use the second debug page.
  • As a result, the changes were reflected in the new environment efficiently and without any hindrance or downtime.
  • Due to the professional’s efficient approach, the project was finished on schedule and met the client’s goal.

How SecurDI can help

Since IdentityIQ offers several customization options, we, with our certified professionals at SecurDI, help organisations deliver dependable and comprehensive solutions aligning their complex business objectives. Added to that, all our solutions are tested and incorporate best practices. At SecurDI, a constant goal in every one of our projects is to make the interaction effective and your investments worthwhile.

 

Success

Thank you for filling up the form. Our team will get in touch with you shortly.