Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Any way to push business justification of multiple roles through rest connector

Go to solution
savuser17
Regular Contributor
Regular Contributor

‎04/09/2024 08:09 AM

Hello,

Through rest, we have a connection to service desk. We create incidents/ tickets to give app owners useful information from the form and user table.

Here to push entitlement business justification, I used variable ${businessJustification}. It works for one entitlement. However, when I request two entitlements, it only shows business justification of one.

 

savuser17_0-1712675302955.png

Any way to push all business ents irrespective of the number?

Thanks in advance.

Labels:
0 Kudos
30 REPLIES 30

Go to solution
rushikeshvartak
All-Star
All-Star

‎04/09/2024 09:13 AM

Can you share full json


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Go to solution
savuser17
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎04/09/2024 09:20 AM

TicketStatus and CreateTicket JSON codes attached here.

Preview file
3 KB
0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to savuser17

‎04/09/2024 09:26 AM

${task?.comments}


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Go to solution
savuser17
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎04/09/2024 09:33 AM

It gives null:

Business Justification: null

Probably because the request comments is null. But I jhad separately filled out business justification for both roles and none of those are showing

0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to savuser17

‎04/09/2024 10:36 AM

${request.comments}


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Go to solution
savuser17
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎04/09/2024 10:50 AM

Both ${request.comments} and ${request?.comments} are giving errors

0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to savuser17

‎04/09/2024 10:54 AM 

${if(taskIds != null && taskIds.size()>0){String result='';ArrayList arr = new ArrayList(taskIds); arr.eachWithIndex{ val, idx -> com.saviynt.ecm.task.ArsTasks.get(val)?.entitlement_valueKey!=null?result=result.concat(com.saviynt.ecm.task.ArsTasks.get(val)?.tasktype==1?'ADD:: ':com.saviynt.ecm.task.ArsTasks.get(val)?.tasktype==31?'Extend End Date :: ':'REMOVE :: ').concat(com.saviynt.ecm.task.ArsTasks.get(val)?.entitlement_valueKey!=null?com.saviynt.ecm.task.ArsTasks.get(val)?.entitlement_valueKey?.entitlementtypekey.entitlementname+' : ':'').concat(com.saviynt.ecm.task.ArsTasks.get(val)?.entitlement_valueKey?.entitlement_value).concat(' : Access Start Date - ' + com.saviynt.ecm.task.ArsTasks.get(val)?.requestAccessKey?.startdate).concat(' : Access End Date - ' + com.saviynt.ecm.task.ArsTasks.get(val)?.requestAccessKey?.enddate).concat(' : Approved By - ' + com.saviynt.ecm.identitywarehouse.domain.Users.get(com.saviynt.ecm.task.ArsTasks.get(val)?.requestAccessKey?.collect{it.ae.findAll{it.jbpmActivityName.toString().equalsIgnoreCase('OwnerApproval')}}?.collect{it.approveby}.get(0).get(0)).displayname).concat('\\\\n'):'';}; return result}else{return '';}}

Sample to get all taskids change logic as per your requirements 

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Go to solution
Anu
Regular Contributor
Regular Contributor
In response to savuser17

‎06/24/2024 07:54 AM

Hi @savuser17 ,

 

we have a similar requirement to send business justification for multiple roles in a request in SNOW TICKET..Could you please let us know if you already identified a fix for the above please. It would be really helpful.

 

Regards,

Anu

 

0 Kudos

Go to solution
savuser17
Regular Contributor
Regular Contributor

‎04/10/2024 03:09 AM

Hi,

Can I get clarification on this code? Not seeing which part should give business justification.

0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to savuser17

‎04/10/2024 08:30 PM

Sample to get all taskids change logic as per your requirements 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Go to solution
savuser17
Regular Contributor
Regular Contributor

‎05/08/2024 03:15 AM - last edited on ‎05/08/2024 04:45 AM by Community Manager

Hi,

I tried your code plus a simplified version of it in the attached txt doc, but both of them are giving errors. Is the code validated from your end? Or is there something we're missing?

Thank you

[This message has been edited by moderator to mask domain name]

Preview file
5 KB
0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to savuser17

‎05/08/2024 03:37 AM

Code is validated  please share logs and code 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Go to solution
savuser17
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎05/09/2024 06:03 AM - last edited on ‎05/09/2024 11:19 PM by Community Manager

Hi

Attached are logs and the code.

Thank you,

Seemran Biswal

Preview file
37 KB
Preview file
3 KB
0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to savuser17

‎05/09/2024 07:18 PM

Its seems issue with service account used in connection 

"2024-05-08T11:02:23.382+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-8-6spvw","ERROR","Call response: {"code":"access_denied","message":"You are not authorized to perform this action."}"


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Go to solution
savuser17
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎05/13/2024 05:28 AM - last edited on ‎05/13/2024 06:06 AM by Community Manager

Hi,

If it was an auth error, it wouldn't create tickets at all. But once I remove the code, it does.

I ran the job again and attached are logs. If you look at this part in particular: 

savuser17_0-1715603251658.png

this is the message that shows when there's a syntax error or similar.

Thanks

[This message has been edited by moderator to mask email from attached logs]

Preview file
11 KB
0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to savuser17

‎05/13/2024 08:31 PM

Please share all JSONs -

  • Connection
  • Create Ticket
  • Status check

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Go to solution
savuser17
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎05/15/2024 03:20 AM

Hi,

PFA

Thanks

Preview file
5 KB
0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to savuser17

‎05/15/2024 07:58 PM

Just keep code shared in body of ticket and validate


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Go to solution
savuser17
Regular Contributor
Regular Contributor

‎05/27/2024 05:34 AM - last edited on ‎05/27/2024 07:17 AM by Community Manager

Tried this code, after some reference from this forum question

https://forums.saviynt.com/t5/identity-governance/createticket-json-binding-variables/m-p/75354

CreateTicket JSON

{ "call": [{ "name": "call1", "connection": "SNAP_VLease_Auth", "url": "URL", "httpMethod": "POST", "httpParams": "{\"quantity\": \"1\",\"email\": \"accessit@amexgbt.com\", \"custom_fields\": {\"request_type\": \"${if(task.tasktype==1){'AddAccess'}else if(task.tasktype==2 && (allEntitlementsValues==null || allEntitlementsValues.isEmpty() || allEntitlementsValues=='')){'RemoveAccount'}else if(task.tasktype==2){'RemoveAccess'}else if(task.tasktype==6){'Enable Account'}else if(task.tasktype==12){'UpdateAccount'}else if(task.tasktype==14){'DisableAccount'}else{task.tasktype}}\",\"work_email\": \"accessit@dev.com\",\"adsid\": \"AccessIT\",\"application_name\": \"AccessIT\",\"job_title\": \"Integration Account\",\"accessit_request_id\": \"${if(user.statuskey==0){'WORKDAYTERM'}else if(task.source in ('CERTIFICATION')){'CERTIFICATION'}else{requestid}}\",\"additional_comments\":\"${requestid}\"${if(taskIds != null && taskIds.size()>0){String result='';ArrayList arr = new ArrayList(taskIds); arr.eachWithIndex{val, idx -> com.saviynt.ecm.task.ArsTasks.get(val)?.entitlement_valueKey!=null ? com.saviynt.ecm.task.ArsTasks.get(val)?.entitlement_valueKey?.entitlement_value+'# ':'';};return result;}else{return '';}}}}", "httpHeaders": { "Authorization": "${access_token}" }, "httpContentType": "application/json", "ticketidPath": "service_request.id", "successResponses": { "statusCode": [ 200, 201 ] }, "unsuccessResponses": { "message": "Ticket Not created" } }] }

For this the ticket gets created no error but it only prints the request id and nothing else.

Attached logs of successful run of the job and the compiled json.

Any advice to print the actual entitlement information, wrt this code? Also we are in v 23.11, just fyi

Preview file
137 KB
0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to savuser17

‎05/27/2024 08:27 AM

What is output in ticket


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Go to solution
savuser17
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎05/27/2024 09:03 AM

It displays the request id and the rest part (the one that has the code) comes blank

savuser17_0-1716825807283.png

 

0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to savuser17

‎05/27/2024 09:16 AM

Code shared is not printing anything. Only requestid variable is printed


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Go to solution
savuser17
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎05/28/2024 04:50 AM

Yes. Are you aware of any way to fix that and make the values populate?

0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to savuser17

‎05/28/2024 06:52 AM

Above code is working code

https://forums.saviynt.com/t5/identity-governance/createticket-json-binding-variables/m-p/78999#M505...


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Go to solution
savuser17
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎05/31/2024 06:30 AM

Hi,

We've tried this code as well, however, its still giving an error. May I ask where the variable TaskID is and if its a newer binding variable? Because we're on 23.11 and we suspect thats the problematic variable not working for us. We can't find the variable in the rest connector document too.

0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to savuser17

‎06/03/2024 08:17 PM

Its working in v24.5 not sure if its new


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Go to solution
savuser17
Regular Contributor
Regular Contributor

‎07/02/2024 07:26 AM

Hi,

Just wanted to close out this forum ask by saying we finally got the code working for us:

Posting this here in case it might help someone:

${if(taskIds != null && taskIds.size()>0){String result='';ArrayList arr = new ArrayList(taskIds); arr.eachWithIndex{val, idx ->com.saviynt.ecm.task.ArsTasks.get(val)?.entitlement_valueKey!=null ? result=result.concat(com.saviynt.ecm.task.ArsTasks.get(val)?.entitlement_valueKey?.entitlement_value+': '+com.saviynt.ecm.task.ArsTasks.get(val)?.requestAccessKey?.comments.split(']')[1]):'';};return result;}else{return '';}}

it gives entitlement value and business justification

Thanks

Go to solution
Anu
Regular Contributor
Regular Contributor
In response to savuser17

‎07/05/2024 02:34 AM

Hi @savuser17 . In the above code we see that you have used comments instead of $businessjustification attribute. Does it capture the comment or businessjustification from ARS request page. Could you please confirm?

 

${if(taskIds != null && taskIds.size()>0){String result='';ArrayList arr = new ArrayList(taskIds); arr.eachWithIndex{val, idx ->com.saviynt.ecm.task.ArsTasks.get(val)?.entitlement_valueKey!=null ? result=result.concat(com.saviynt.ecm.task.ArsTasks.get(val)?.entitlement_valueKey?.entitlement_value+': '+com.saviynt.ecm.task.ArsTasks.get(val)?.requestAccessKey?.comments.split(']')[1]):'';};return result;}else{return '';}}

0 Kudos

Go to solution
savuser17
Regular Contributor
Regular Contributor
In response to Anu

‎07/05/2024 03:39 AM

Hi,

It catches the business justification (that is per role requested/revoked), NOT comments. The table we get is from is request_access table and COMMENTS column - the column is named erronously, it means business justification only.

0 Kudos

Go to solution
Anu
Regular Contributor
Regular Contributor
In response to savuser17

‎07/18/2024 12:07 AM

Thanks for the response @savuser17 . Is this working in both enterprise and emergency role usecase for ,Manual approval and Autoapproval usecase? In our case i see this code is not working for emergency role request. could you please assist?

0 Kudos
Copyright © 2024 Khoros, LLC