Connect SailPoint IdentityIQ with Human Managed via API

This article covers the step-by-step procedure to send data such as users, groups, and roles from SailPoint IdentityIQ (IIQ) to the Human Managed platform via API. 

Step 1: Create a service request ticket for Human Managed to configure the API Receiver

1. Submit a request 
2. In the Subject, type or select Connect SailPoint IIQ via API
3. In the ticket body, provide the following details:
   • Base URL - The Base URL for your SailPoint IIQ instance is the URL that you will use to connect to the SailPoint IIQ API.
   • OAuth2 Client ID and Secret Key or Username and Password for your SailPoint IIQ instance with SCIM Executor and WebServices Executor User Capabilities.
   • For on-premise installation of SailPoint IdentityIQ – a VPN Tunnel needs to be established between the Human Managed platform cloud to Customer Firewall with Ports 80 and 443 enabled.  -- please specify this in the ticket if your SailPoint IIQ is on-premise. 
4. Once the ticket has been accepted by Human Managed and the ticket status has been updated, follow the next steps.

Step 2: Generate OAuth2 Client ID and Secret Key

1. Log in to SailPoint 
2. On the Navigation bar, click on Identities > Identity Warehouse. 
   
3. Click on the Proxy User that you will provision for Human Managed. 
4. Once in the User Identity Page, click on the User Rights tab. 
   
5. Under User Capabilities, select SCIM Executor and WebServices Executor then click Save.
6. Once done saving, click on the Settings icon on the top-right corner of the page then click Global Settings.
   
7. Go to API Authentication.
   
8. On API Authentication Page, click on Create button.
   
9. Input Client Name “Human Managed” and select the Proxy User you have configured earlier.
   
10. After creating the OAuth Client, copy the Client ID and then save.
    
11. To get the secret key, click on the i icon under Secret column to show the secret key.
12. Copy and save the secret key.