Unified platform access for identity partners: what changes now?

TL;DR: Integration and implementation remain the biggest barrier to security maturity, as technology partners need direct access to a platform to build certified, more deeply integrated apps rather than basic connectors, according to SailPoint. The implication is that identity teams must treat partner ecosystems as part of the governance surface, not just an integration layer.

NHIMG editorial — what this means for NHI practitioners

Questions worth separating out

Q: How should security teams govern partner-built identity applications?

A: Security teams should treat partner-built identity applications as governed extensions of the control plane, not as simple connectors.

Q: Why do partner ecosystems create more identity governance risk?

A: Partner ecosystems create more risk because each new extension introduces a new authority path inside the identity programme.

Q: When should organisations recertify third-party identity applications?

A: Organisations should recertify third-party identity applications whenever access scope, data scope, or ownership changes, and after any partner relationship update that affects trust.

Practitioner guidance

• Define partner app trust tiers Classify every partner-built application by the identity data it can access, the workflows it can trigger, and whether it can change policy outcomes.
• Add offboarding controls for ecosystem apps Require a revocation path for partner applications that mirrors service-account offboarding, including access removal, token invalidation, and ownership reassignment when the commercial relationship ends.
• Expand recertification beyond accounts Include partner-built applications in access reviews so governance teams validate not only who has access, but which external extensions still have delegated authority inside the platform.

What's in the full announcement

SailPoint's full article covers the operational detail this post intentionally leaves for the source:

• How the partner membership and shared-success model is structured for ecosystem participants
• What certified integrations mean for technology partners building native applications on the platform
• Which inaugural partners are already participating in the program
• How SailPoint describes the commercial and technical path from basic integrations to native apps

👉 Read SailPoint's announcement on Unified Platform Access for technology partners →

Unified platform access for identity partners: what changes now?

Explore further

View Full Forum →  |  NHI Foundation Course →