Synchronization Logs
This feature is available if you have purchased the [Lifecycle Management] or [IGA – Identity Governance] module. The Synchronization Logs module consolidates all data synchronization tasks and historical records on the IAM platform. For example, it allows administrators to view task information related to synchronizing identity data from the IAM platform to applications such as Feishu.
Administrators can use this module to:
- Monitor synchronization task progress
- Review synchronization history
- Examine synchronization errors
- Inspect synchronization parameters and payloads
Synchronization logs primarily display operation records during account provisioning. They also record situations where the target application does not respond (i.e., no callback). Logs are only generated if data synchronization is enabled for the application; if not, no records will be shown in this module.
Sources of Synchronization Records
| No. | Source of Synchronization Action | Description |
|---|---|---|
| 1 | User Self-service Deprovisioning | Records generated when users release permissions via Portal → My Access |
| 2 | User Access Request | Records generated when users request access via Portal → Access Request / Access Center, and the request is approved |
| 3 | Provisioning Policy Execution | Records from account operations triggered by provisioning policies during user operations |
| 4 | Retry After Modification | Records from re-initiated provisioning tasks due to previous failures |
| 5 | Permission Change Events | If change tracking is enabled, records generated when editing users or their permissions |
| 6 | Global Provisioning Policy | Records from account operations triggered by disabling or deleting a user when a global provisioning policy is configured |
| 7 | Application Account Policy | Records from executing application-specific account policies |
| 8 | Access Compliance Review | Records from account operations triggered by permission governance checks under Identity Governance → Permission Governance → Policy Execution |
| 9 | Permission Expiry | Records generated when application permissions associated with an account expire and are automatically revoked |
| 10 | Manual Operations | Records of manual account operations not triggered by user data changes (e.g., account import, batch provisioning, manual creation/editing/deletion/enable/disable) |
Viewing Synchronization Records
In the synchronization log list, you can click the View button in the action column to inspect details of synchronization requests. This includes:
- Operation logs
- Task parameters
- Outgoing request payloads
- Response messages
Viewing Synchronization Details
If the synchronized object type is Account, and the synchronization action is Create or Update, and the synchronization status is Success, you can click View Details in the action column. Currently, this only supports viewing the permission binding/unbinding details.
Confirming Failed Synchronization
For synchronization tasks marked as Failed, clicking Confirm indicates that the corresponding action was manually completed in the target business system. The system will then treat the task as successful and proceed with subsequent operations.
Example: If account deletion fails, clicking Confirm will result in the IAM system performing a physical deletion of the corresponding account in the account management module.