ServiceNow Can Immediately Terminate Users In RSA L&G (Aveksa)

Many of our clients face the decision between which system change requests should originate from  (e.g. ServiceNow, Cherwell, or the IAM tool).  When the enterprise has chosen an external system to originate the change requests, one common Use Case is immediate terminations.

Organizations need a way to help mitigate the current risk around manual terminations, and sometimes need to use a third party system such as ServiceNow to immediately terminate users.  Typically the change requests to deactivate or delete a user’s access might sit in an email inbox for days before any action is actually taken.  Organizations are finding this lapse in time is too long of an exposure, and are looking to integrate RSA L&G (Aveksa) into their existing platform.  RSA L&G (Aveksa) supports integrating with these tools both as the source of the change request and as the system receiving the change request.

The following describes at a high level how RSA L&G (Aveksa) can integrate with those tools as the system receiving the change request using the RSA built-in out-of-the-box web service support.  In order to do so you need to activate the web service functionality in the administrative settings.  Once activated, other tools such as ServiceNow can talk to RSA L&G (Aveksa) and open change requests.

An example template for the XML request is as follows:
<Description> </Description>
<Notes> </Notes>
        <Operation> </Operation>
        <Account> </Account>
        <AccountCollector> </AccountCollector>
        <Group> </Group>
        <GroupCollector> </GroupCollector>

The same process is also used to add and remove entitlements, and can also be used to extend an external contractor’s expiration dates.  This prevents the termination process from kicking off and administrators having to expend a significant amount of time with manual remediation.  If you have questions around the integration, let us know and we can help.