As per best practices from SailPoint’s coding of rules and workflow, you should lock an object from within your rule/script, while performing an update. Doing so will help to maintain ACID property DB

Here is a code snippet to properly lock and unlock an object by using the transaction locking mechanism.

The example is for a Custom object, but can be used for any sailpoint.object that extends SailPointObject.

For an Identity object and other objects (Certification) that should use the persistent locking mechanism, refer to the lockIdentity, lockCertificationById methods in the ObjectUtil class.

import sailpoint.api.ObjectUtil;

import sailpoint.object.Custom;

//Get the Transaction lock

Custom custom = ObjectUtil.transactionLock(context, Custom.class, custObjName);

try {

//Modify the object

custom.put(key, val);

//Save the modifications in the Try block

context.saveObject(custom);

} catch (Exception e) {

//Log any errors encountered during saving the object

log.error(e);

} finally {

//Commit the transaction

context.commitTransaction();

}

context.decache(custom);

Reference: https://community.sailpoint.com/

This article is contributed by Roopesh. Roopesh is our Senior Consultant and has over 8 years of experience in Identity and Access Management (IAM), particularly with SailPoint and CyberArk.