Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Account and access mapping issue - AzureAD b2c

N598231
New Contributor III
New Contributor III

imported the azure directoryroles and accounts using following - using the rest connection

access not showing the list of accounts which is member of Directory roles. Could you please help

{
"accountParams": {
"connection": "userAuth",
"processingType": "SequentialAndIterative",
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://graph.microsoft.com/v1.0/users",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "Resources",
"keyField": "accountID",
"statusConfig": {
"active": "true",
"inactive": "false"
},
"colsToPropsMap": {
"accountID": "id~#~char",
"name": "userPrincipalName~#~char",
"status": "accountEnabled~#~char",
"displayName": "displayName~#~char",
"customproperty1": "givenName~#~char",
"customproperty2": "surname~#~char",
"customproperty3": "jobTitle~#~char",
"customproperty4": "mail~#~char",
"customproperty5": "mobilePhone~#~char",
"customproperty6": "officeLocation~#~char"
}
}
}
},
"entitlementParams": {
"processingType": "SequentialAndIterative",
"entTypes": {
"DirectoryRole": {
"entTypeOrder": 0,
"call": {
"call1": {
"connection": "userAuth",
"callOrder": 0,
"stageNumber": 0,
"http": {
"httpHeaders": {
"Authorization": "${access_token}"
},
"url": "https://graph.microsoft.com/v1.0/directoryRoles",
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "Resources",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlementID": "id~#~char",
"entitlement_value": "displayName~#~char",
"description": "description~#~char",
"entitlement_glossary": "description~#~char",
"customproperty4": "description~#~char",
"customproperty3": "deletedDateTime~#~char",
"customproperty8": "roleTemplateId~#~char",
"acctEntMappingInfoColumnFromEnt": "STORE#ACC#ENT#MAPPINGINFO~#~char"
}
}
},
"acctEntMappings": {
"listField": "",
"idPath": "account_id",
"keyField": "accountID",
"importAsAccount": false
}
}
}
},
"acctEntParams": {
"processingType": "entToAcctMapping"
}
}

2 REPLIES 2

Raghu
All-Star
All-Star

@N598231  please check below article will help you

https://forums.saviynt.com/t5/identity-governance/azure-active-directory-rest-importaccountentitleme...

 


Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.

As you confirmed already fixed.

{
  "accountParams": {
    "connection": "userAuth1",
    "processingType": "SequentialAndIterative",
    "statusAndThresholdConfig": {},
    "call": {
      "call1": {
        "callOrder": 0,
        "stageNumber": 0,
        "http": {
          "url": "https://xyz/users",
          "httpHeaders": {
            "Authorization": "${access_token}",
            "Accept": "application/json"
          },
          "httpContentType": "application/json",
          "httpMethod": "GET"
        },
        "listField": "details",
        "keyField": "accountID",
        "colsToPropsMap": {
          "accountID": "userlogin~#~char",
          "name": "userlogin~#~char",
          "customproperty1": "firstname~#~char"
        }
      },
      "call2": {
        "callOrder": 1,
        "stageNumber": 1,
        "http": {
          "url": "https://xyz?userlogin=${accountID}",
          "httpHeaders": {
            "Authorization": "${access_token}",
            "Accept": "application/json"
          },
          "httpContentType": "application/json",
          "httpMethod": "GET"
        },
        "inputParams": {
          "dependentCall": true
        },
        "listField": "details",
        "keyField": "accountID",
        "colsToPropsMap": {
          "accountID": "userlogin~#~char",
          "name": "userlogin~#~char",
          "customproperty1": "firstname~#~char",
          "customproperty3": "email~#~char"
        }
      }
    }
  },
  "entitlementParams": {
    "connection": "userAuth1",
    "processingType": "SequentialAndIterative",
    "entTypes": {
      "Roles": {
        "entTypeOrder": 0,
        "call": {
          "call1": {
            "callOrder": 0,
            "stageNumber": 0,
            "http": {
              "url": "https://xyz/getavailableroles",
              "httpHeaders": {
                "Accept": "application/json",
                "Authorization": "${access_token}"
              },
              "httpContentType": "application/json",
              "httpMethod": "GET"
            },
            "nextApiKeyField": "accountID",
            "listField": "details",
            "keyField": "entitlementID",
            "colsToPropsMap": {
              "entitlementID": "id~#~char",
              "entitlement_value": "name~#~char"
            }
          }
        }
      }
    }
  },
  "acctEntParams": {}
}

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.