We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

REST Connector - How to set entitlements hierarchy where child entitlements is in form of Array List

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on July 14 2020 at 15:37 UTC

How to set entitlements hierarchy(parent/child) where child entitlements is in form of Array List, using REST Connector.


Could you please confirm if below entMappingParams configuration is correct for ImportAccountEntJSON?


JSON Response Payload:

{   "total": 2,   "offset": 0,   "limit": 1000,   "results": [     {       "id": "1",       "resourceType": "Role",       "name": "Assignee",       "permissions": [         "ASSET_ATTRIBUTE_CHANGE",         "ASSET_CHANGE",         "ASSET_ATTRIBUTE_ADD",         "ASSET_ATTRIBUTE_REMOVE"       ]     },     {       "id": "2",       "resourceType": "Role",       "name": "Admin",       "permissions": [         "USER_ADMIN",         "ASSET_DELETE"       ]     }   ] }

entMappingParams configuration (ImportAccountEntJSON):

"entMappingParams": {     "processingType": "SequentialAndIterative",     "entTypes": {       "Role": {         "ent1KeyField": "entitlementID",         "call": {           "call1": {             "connection": "acctAuth",             "callOrder": 0,             "stageNumber": 0,             "http": {               "httpHeaders": {                 "Authorization": "${access_token}"               },               "url": "https://XXXXXXXXXX/rest/roles",               "httpContentType": "application/json",               "httpMethod": "GET"             },             "listField": "results",             "ent1IdPath": "id",             "ent2IdPath": "permissions",             "ent2KeyField": "entitlementID",             "targetEntType": "Permission",             "mappingTypes": [               "ENT2"             ]           }         }       }     }   }

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
10 REPLIES 10

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on July 14 2020 at 16:29 UTC

Please ignore the configuration in my previous comment and instead have a look at below one please:


JSON Response Payload:

{       "id": "1",       "resourceType": "Role",       "name": "Assignee",       "permissions": [         "ASSET_ATTRIBUTE_CHANGE",         "ASSET_CHANGE",         "ASSET_ATTRIBUTE_ADD",         "ASSET_ATTRIBUTE_REMOVE"       ] }


entMappingParams configuration (ImportAccountEntJSON):

"entMappingParams": {     "processingType": "SequentialAndIterative",     "entTypes": {       "Role": {         "ent1KeyField": "entitlementID",         "call": {           "call1": {             "connection": "acctAuth",             "callOrder": 0,             "stageNumber": 0,             "http": {               "httpHeaders": {                 "Authorization": "${access_token}"               },               "url": "https://XXXXXXXXXX/rest/roles/${id}",               "httpContentType": "application/json",               "httpMethod": "GET"             },             "listField": "",             "ent1IdPath": "id",             "ent2IdPath": "permissions",             "ent2KeyField": "entitlementID",             "targetEntType": "Permission",             "mappingTypes": [               "ENT2"             ]           }         }       }     }   }

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on July 30 2020 at 03:33 UTC

Marking as replied as this is answered on different thread.


THanks

Ajay

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on July 30 2020 at 05:54 UTC

Hi Ramanpreet,


In order to have the entitlements2 mapping, the values must be in a list and not in an array. The REST connector cannot handle the above response. Attaching a sample valid response that is consumable by the REST connector.


Thank you

Vedanth B.K




This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on July 30 2020 at 09:58 UTC

Thanks Vedanth.


The response payload with permissions as an Array is from the Collibra REST API.

I have seen another REST API from some popular application with similar response payload i.e. child entitlements in the form of Array.


For now, I have uploaded the entitlements associations as CSV manually as part of Collibra application onboarding.

But for the future, it would be good to have this feature in the REST connector.


Before I raise a enhancement request, just wanted to check if are you aware of any existing enhancement request in place for the same scenario?

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on August 10 2020 at 07:20 UTC

Hi Ramanpreet,


It is in our roadmap to address this capability.


Thank you

Vedanth B.K

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on August 11 2020 at 09:37 UTC

Thanks Vedanth

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on August 12 2020 at 13:53 UTC

Ajay,


Could you please mention in which thread this issue is answered?

I have a similar challenge with nested entitlements in the REST APi response which needs to be configured as parent-child.



Marking as replied as this is answered on different thread.


THanks

Ajay



This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on March 31 2021 at 06:19 UTC

Is the enhancement for REST connector to pull array listed account to entitlement mapping completed?

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on January 28 2022 at 08:37 UTC

Hi Team,

We have data is below format

    {

        "roleid": "ROLE_ACOFFMAN",

        "permissionid": "AA_PRI1",

        "description": "Advanced Analysis - Generic priority 1"

    },

    {

        "roleid": "ROLE_ACOFFMAN",

        "permissionid": "SH_PRI5",

        "description": "Shared Centre/branches - Generic priority 5"

    },

   {

        "roleid": "ROLE_ACOFFMAN",

        "permissionid": "BR_PRI1",

        "description": "Branch files - Generic priority 1"

    },

We want to import the same in to Saviynt via REST connector as part of Parent Child hierarchy. Can you please provide sample JSON to achieve this use case:


Parent Entitlement Value:

ROLE_ACOFFMAN


Child Entitlement Value:

AA_PRI1

SH_PRI5

BR_PRI1


In Saviynt:

ROLE_ACOFFMAN

--AA_PRI1

--SH_PRI5

--BR_PRI1


Thanks

Devang

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on February 9 2022 at 14:24 UTC

Payload

{

"memberships": [

    {

        "roleid": "ROLE_ACOFFMAN",

        "permissionid": "AA_PRI1",

        "description": "Advanced Analysis - Generic priority 1"

    },

    {

        "roleid": "ROLE_ACOFFMAN",

        "permissionid": "SH_PRI5",

        "description": "Shared Centre/branches - Generic priority 5"

    },

   {

        "roleid": "ROLE_ACOFFMAN",

        "permissionid": "BR_PRI1",

        "description": "Branch files - Generic priority 1"

    }

]

}



Json Config

 

 "entMappingParams": {

    "processingType": "SequentialAndIterative",

    "entTypes": {

      " Replace here with Parent EntitlementType Name": {

        "ent1KeyField": "entitlementID",

        "call": {

          "call1": {

            "connection": "acctAuth",

            "callOrder": 0,

            "stageNumber": 0,

            "http": {

              "httpHeaders": {

              },

              "url": "",

              "httpContentType": "application/json",

              "httpMethod": "GET"

            },

            "listField": "memberships",

            "ent1IdPath": "roleid",

            "ent2IdPath": " permissionid ",

            "ent2KeyField": "entitlementID ",

            "targetEntType": "Replace here with Child EntitlementType Name/ Parent EntitlementType Name if Child Entitlement is part of ParentEntitlementType",

            "mappingTypes": [

              "ENT2"

            ]

          }

        }

      }

    }

  }

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.