IdentityIQ Implementation: Rules, Scripts, and API v8.0 - ELEARNING


This course introduces the options provided in IdentityIQ for extending the product’s behaviors to support customers’ business needs through BeanShell (Java) logic.  It introduces the IdentityIQ API, focusing on the classes most often used in customer extensions, and it highlights some of the most common rule and script hook points, as well as SailPoint’s recommended best practices for BeanShell development. 

This course does not teach Java programming in general and is not exhaustive of all the tips and tricks one might want to know or might learn over the course of being an IdentityIQ implementer (engineer or architect). It starts students in the right direction with the key points needed to get started on an implementation.


The course is delivered as an elearning course, made up of short presentation video segments and hands-on exercises. A Skytap Virtual Machine is provided which contains all of the course artifacts, so all work on the exercises will be completed inside that environment. Solution files are also provided, to use as a reference as needed.

To help the user confirm their understanding of the content, this course includes knowledge check questions throughout the videos and exercises.

The course is appropriate for IdentityIQ versions 8.0, 8.1, and 8.2.

Goals for Attendees

  • Describe IdentityIQ rules/scripts and their general purpose
  • Define the differences between rules and scripts
  • Run a rule using
    • rule hooks within core product processes
    • the Run Rule task
    • the Debug page
    • the IdentityIQ console (iiq console)
  • Write rules to create, retrieve, manipulate, and navigate between objects in a SailPoint installation
  • Use the API to interact with IdentityIQ’s database through its object model
  • Explain IdentityIQ’s support for and uses of XML serialization of objects
  • Retrieve and modify built-in and extended object attributes with the appropriate class getter and setter methods
  • Use the JavaDoc to identify available classes/methods
  • Write SailPointContext methods to search for objects, applying filters and other query modifiers as needed
  • Differentiate between the SailPointContext search methods and use them appropriately
  • Describe key IdentityIQ objects and their representations and relationships: Identity, Account, Application, Entitlement, Role, Certification, Provisioning objects, Custom objects
  • Explain the uses for specific rule hooks in Aggregation and Certification processes, as well as in Workflow definitions
  • Use built-in and custom loggers in BeanShell to specify trace through error level logging
  • Implement good design practices for rule performance using projection queries, query filtering, cache management, cursor management
  • Extend or override Accelerator Pack rules



  • Attendees must first obtain a Compass account and an Identity University account.
  • Attendees should take the IdentityIQ Implementation and Administration: Essentials course before pursuing this course. Strong knowledge of all areas of IdentityIQ’s functionality is not strictly required to complete this course, but the course does assume an understanding of the IdentityIQ product and object model.
  • It is highly beneficial for attendees also to be familiar with Java (or some other programming language). Course exercises involve writing BeanShell code, which uses Java syntax. The code you will write will be inserted into a partially-completed block of code, providing you with a structure for completing the coding tasks. Solution files are available in the VM, and the answer key in the exercise book also contains the code lines you are expected to write, which you can reference if you encounter difficulties.

Course Exercises: Course exercises are completed in a web-based virtual machine.

Certificate: To obtain the course completion certificate you must complete all of the modules and the course feedback survey.

System Requirements: Make sure your system and internet connection meet all SkyTap Access Requirements. 

Course Access: Access to this course is provided for 90 days from date of enrollment.

See the Identity University FAQ for more information.

Additional Notes

Have you taken IdentityIQ Implementation: Essentials v7.2 or earlier?

This course expands on the rules content that was covered in IdentityIQ Implemenation: Essentials v7.2 or earlier. Thus, if you have taken one of these courses, you will see some review in this content. However, coveage of most topics has been expanded from that covered in previous courses to provide more nuance and depth. Additionally, this course also includes many new hands-on coding exercises  Thus, this course better prepares students to write proficient code for extending IdentityIQ. 


4 hours


To register for this course please click "Register" below. If you are registering for someone else please check "This is for someone else".

The training is priced from $ 400.00 USD per participant