25 July 2025

SailPoint: Identity Security Cloud Production release notes

Product and Feature enchacements:

 

Machine Identity Security:

  • Users can now opt out of the Machine Account Discovery feature by disabling it on the System Features page.

Connectivity – Jack Henry:

  • The Jack Henry connector now supports Symitar 2024.

Connectivity – Snowflake:

  • The Snowflake Connector can now aggregate database roles as entitlements. It can also assign and revoke database roles at the account level.

Identity Security Cloud – Core Access Model:

  • Standard criteria for role assignments have been enhanced as follows to provide an improved administrative experience and greater flexibility in assigning roles:
    • A Does Not Contain operator has been added for Identity and Account attribute expressions.
    • The ability to compare against a list of values in a single criteria statement has been added. For example, you could evaluate if a user’s department is EQUAL to Accounting, Finance, or Accounts Payable in a single statement.
    • The >, >=, <, and <= numeric operations have been added to account attribute expressions.
    • Issues with boolean comparisons evaluating null values as FALSE have been resolved.

 

Fixes:

 

Identity Security Cloud – Core Access Model (SAASTRIAGE-8724):

  • Fixed an issue where source attributes were not displaying on the Entitlement Details page.

Connectivity – Active Directory(CONETN-5109):

  • The Active Directory connector no longer throws an error when using a gMSA account if the same service account is being used for multi-domain or multi-forest configurations.

 

Further details available from the Compass Community site here: SaaS Release Notes – Compass

15 July 2025

SailPoint: IdentityIQ 8.5 New Features

New Features:

 

Microsoft Teams Integration: Access Request Approvals: 

  • With this enhancement to IdentityIQ’s Microsoft Teams integration, approvers now have a simple way to manage access request approvals that is seamlessly integrated with Microsoft Teams, enabling them to make decisions on the go. Here are few of the actions users can take:Accept, Deny, Forward, AssignView work item detailsView policy violations

GenAI Descriptions for Entitlements: 

  • Managing entitlement descriptions at scale can be overwhelming—some IdentityIQ customers have catalogs with over a million entitlements. To ease this burden, IdentityIQ 8.5 introduces a powerful new GenAI-driven feature that automatically suggests entitlement descriptions using large language models. This enhancement helps keep your catalog accurate and up-to-date with minimal effort, saving time and improving clarity across your identity landscape.

 

Restrict View of Sensitive Identity Attributes:

  • As organizations store more sensitive personal data in IdentityIQ, protecting that information is more important than ever. With IdentityIQ 8.5, we’re introducing the ability to restrict visibility of sensitive identity attributes—ensuring that only users with a legitimate purpose can access certain personal or confidential fields. Whether it’s PII or other sensitive identity data, this feature allows you to define exactly who can see what, with flexible configuration options.

This enhancement helps organizations enforce data privacy while still empowering users to do their jobs effectively. Affected areas include Identity Warehouse, Manage Identity, Access Reviews, and Work Items.

 

UX/UI Modernization and Improvements:

  • As part of our continued effort to modernize IdentityIQ and improve the user experience, IdentityIQ 8.5 includes several UI and UX enhancements:
    • Improved the Sunrise/Sunset experience with a more intuitive look and feel, and a streamlined flow for adding, removing, or changing access. In addition, the terms Sunrise/Sunset Dates have been renamed to Start/End dates for better clarity.
    • Added new filters, Role Owner and Access Typeon the Manage Access Request page to help users find relevant access more efficiently.
    • Enhanced the end user access review page by making sorting clearer and displaying the actual due date directly in the UI.
    • Made the “Show Classifications” option configurable in Entitlement Owner Certifications, allowing more flexibility based on certification needs.
    • Modernized the front-end framework from AngularJS to Angular 18 on the following pages:
      • Access Review
      • Rapid Setup
      • Login Page
      • Admin Preferences
      • API Authentication
      • Access History

Access Request Entitlement Recommendations (Coming Soon): 

  • Access Request Recommendations have been expanded to include entitlements, enhancing the self-service experience with intelligent, data-driven recommendations. This improvement helps users request appropriate access more efficiently and reduces the burden on approvers by minimizing unnecessary or inappropriate requests.This feature closes the gap between role and entitlement recommendations by offering both options for self-service access requests. Recommendations eliminate guesswork by suggesting the entitlements users need to perform their job and consolidating all required access into a single request.

 

Further details available from the Compass Community site here:  What’s New in IdentityIQ 8.5 – Compass