No. This definition describes a rule more closely than an Identity Cube. In SailPoint IdentityIQ, an Identity Cube is the centralized identity model that represents a person or non-person identity inside IdentityIQ. It contains consolidated identity information such as identity attributes, correlated application accounts, assigned and detected roles, entitlements, manager relationship, lifecycle state, policy violations, certifications, and other governance-relevant data.
A “snippet of code containing custom business logic” refers to a BeanShell rule. Rules are executable logic used to customize IdentityIQ behavior in areas such as aggregation, correlation, provisioning, policy evaluation, workflow processing, and identity attribute transformation. They are configuration objects containing code, while Identity Cubes are data/model objects representing identities and their access.
Therefore, the statement is inaccurate because an Identity Cube is not custom code. It is the core identity record used by IdentityIQ for governance, access modeling, policy detection, requests, certifications, and provisioning decisions.
Reference topics: Identity Modeling, IdentityCube contents, identity attributes, correlated accounts, roles and entitlements, BeanShell rules, Foundational Concepts, and IdentityIQ object model.
Submit