SailPoint Extensibility: Automate and Embed Identity Security Across the Business

Ensure Identity Security Keeps Pace with Your Digital Ecosystem

Organizations continue to accelerate their adoption of cloud infrastructure and apps (such as SaaS, iPaaS, or PaaS), shifting to a digital-first, anywhere approach to enable their users in the virtual workforce to work faster and more securely.

Not only are there more cloud-based applications and platforms than ever before but these are also increasingly dependent on – and interconnected with – essential digital ecosystems (e.g. business, IT and security).

So there is no doubt that your existing policies and methods for identity security must keep pace — to guard against data theft or loss of IP, disruption to business operations, potential damage to your brand, as well as penalties for non-compliance.

But how are you currently extending core identity security policies and practices to applications and platforms?

This white paper will present a more cost-effective alternative for building the kind of automated workflows you need. Using APIs and event triggers can reduce integration development from months to days (or even hours). And taking advantage of an extensible framework of a core identity security platform will automate and infuse identity security into your critical business processes and workflows.

Why Extensibility:

Many modern software architectures are implemented using event-driven programming, especially integration use cases between SaaS applications from different vendors.

An event-driven architecture is designed to receive and react to events such as user clicks in a UI, object changes in a database, or messages originating from other subsystems in a distributed architecture.

For example, a core identity security platform broadcasts predefined events when something in the system changes; downstream applications listen to those events and update accordingly. This allows decoupled, highly reactive, independent subsystems to all work in concert.

Another example, when an identity attribute changes (e.g., the approving manager for a user changes), the event is sent to an iPaaS system like a workflow orchestration engine. This triggers custom business logic within the iPaaS system. The appropriate cloud systems and applications connected to the iPaaS system may be directed to perform an action (e.g., to generate a certification campaign or send an automatic notification).

But to be cost-effective, this process needs to be foolproof — easily integrating with virtually any workflow platform. With access to SDKs and open-source tools, these integrations can be designed to support an organization’s unique business requirements. Thus, identity security becomes fundamental to the business as opposed to a hurdle to overcome.

Bidirectional Integration: The Next Level

In a more interactive integration, the trigger from the identity security platform gives the receiving application the ability to respond in order for the interaction to be considered complete and successful.

For example, when a user requests access, the identity security platform automatically knows that for this type of request it needs to pass the event on to a critical, high-risk analysis application for evaluation. Thus, when the identity security platform receives the analysis recommendation, the interaction is complete and the access request approved or denied.

The external business app or platform needs to respond to the request with a result as specified in the trigger’s output schema. Responses may be framed as:

Examples of core events that trigger actions on an integrated external application or platform

With this level of integration, workers can request access to an application or approve access right within these collaboration tools, eliminating the continuous distraction of switching between multiples apps to get work done.

Build New Integrations Faster to Meet Unique Business Needs Securely

Using an extensibility framework unleashes productivity. Instead of tasking an entire team with building integrations, the framework streamlines the creation of integrations via a toolkit of event triggers, APIs, and drag-and-drop workflows. This interface is not only far more efficient but provides deeper insights and control of user access lifecycles, and triggers automated processes across the business.

Event triggers are the perfect vehicle for communicating changes in an identity security platform. Event triggers emitted from the platform can be received by a multitude of downstream applications, for example, receiving a Slack notification every time a Jira ticket changes, or auto-inviting new employees to your #welcome Slack channel every time a new user is added to your directory.

REST APIs allow organizations to build their own applications, websites, and tools to take advantage of data, features, and workflows from identity security solutions. The APIs follow a familiar, simple RESTful standard, using standard query and path parameters, request/response headers, and JSON request/response bodies.

These options – together with a drag-and drop-workflow interface – enable the creation of automated no-code workflows that connect to a virtually limitless number of external applications and platforms, allowing you to scale while also creating tailor-made integrations that fit your unique requirements.

An easy to use, drag-and-drop workflow UI simplifies automation and accelerates the development of integrations. This also enables the non-technical business user to tailor workflows to fit their business needs.

By incorporating workflows, you can:

Take the Next Step with SailPoint

SailPoint’s Identity Security Platform features a built-in extensibility framework that provides event triggers, APIs, and a drag-and drop-workflow interface to quickly and seamlessly integrate identity security into your existing business processes and ecosystem of applications.

Build automated workflows rapidly and with little to no code. SailPoint’s extensibility framework easily integrates with industry-leading iPaaS providers and incorporates identity into the applications users rely on every day.

And with the SailPoint Developer Community, you’ll have everything you need to get started, including:

SailPoint’s extensibility capabilities make your organization more connected and in turn–more protected. You’ll gain deeper insights and control of user access lifecycles and trigger automated processes where once an entire team was needed for manual processing. The possibilities that extensibility provides are limitless. So take control and embed identity within your digital ecosystem with the SailPoint Identity Security Platform.