The statement is not technically accurate. In SailPoint IdentityIQ, applications are defined to represent external systems, platforms, directories, databases, or resources from which account, group, entitlement, and attribute data are aggregated, and in some cases to which provisioning changes are written. IdentityIQ does not generally “read identities” directly from applications. Instead, it reads account records and associated attributes from applications, then uses identity correlation, authoritative-source logic, and identity refresh processing to construct or update IdentityCubes.
This distinction is fundamental. An application may be an authoritative source, such as an HR system, where account attributes contribute heavily to identity creation and lifecycle state. However, the object read from the source is still an account or source record, not an IdentityIQ identity object. The identity is modeled inside IdentityIQ after aggregation and correlation occur.
Therefore, the more precise statement is that applications represent systems from which IdentityIQ reads account and access data, not systems from which IdentityIQ simply reads identities. Reference topics: Applications, application definition, account aggregation, authoritative applications, correlation, IdentityCube creation, and Identity Modeling.