Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Can we pass Endpoint Dynamic attributes in Rest connector for Zeroday tasks

Mohit_Sanka
New Contributor II
New Contributor II

Hi All,

Is it possible to pass Dynamic attribute values in Create account JSON for a Rest connector when the tasks were generated via Rules.

If yes, what are the configurations we have to keep in the endpoint. I have tried to keep the DA as editable and both value and default value of the attribute are populated with the SQL query.

 

Regards,

Mohit.

15 REPLIES 15

NM
Honored Contributor II
Honored Contributor II

Hi @Mohit_Sanka , it will ideally pick the default value of dynamic attribute.

Mohit_Sanka
New Contributor II
New Contributor II

Hi @NM,

Currently when ever we are adding the dynamic attribute in the endpoint and try to process a task, its getting picked up by the job but not hitting the target and there is no error in the logs.

Is there any configuration that we need to enable in the global config.

  • Dynamic attribute are available in rest connector when request is raised from ARS.
  • if its from rule then default value of dynamic attribute will be available in REST Connector CRUD JSONs
  • Can you share logs if above is failing

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Hi @rushikeshvartak ,

we don't see any error in the logs and no provisioning comments as well. It seems like doesn't even try to process the task.

Is there any sample JSON that I can refer for this.

 

Regards,

Mohit

Please share your current JSON configuration


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

This is our current create account JSON, that we are trying to pass.

{
"accountIdPath": "call2.message.id",
"call": [
{
"name": "call1",
"connection": "acctAuth",
"url": "https://topdesk/tas/api/branches?query=name==${user.location}",
"httpMethod": "GET",
"httpParams": "",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json"
},
{
"name": "call2",
"connection": "acctAuth",
"showResponse": true,
"url": "https://topdesk/tas/api/persons",
"httpMethod": "POST",
"httpParams": "{\"firstName\":\"${user.firstname==null?'':user.firstname}\",\"surName\": \"${user.lastname==null?'':user.lastname}\",\"email\":\"${user.email}\",\"networkLoginName\":\"${user.username}\",\"mainframeLoginName\": \"${user.username}\",\"branch\":{\"id\":\"${response.call1.message[0].id}\"},\"prefixes\":\"${user.customproperty4}\",\"jobTitle\":\"${user.job_function}\",\"tasLoginName\":\"${user.username}\",\"department\":{\"id\":\"${requestAccessAttributes.get('Department')}\"},\"budgetholder\":{\"id\":\"${requestAccessAttributes.get('budget')}\"}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
201,
200
]
}
}
]
}

Code looks correct does it working from ARS ? Do you have default values configured under dynamic attribute 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

@rushikeshvartak , but in the above JSON shared by you there were not endpoint based dynamic attributes. Do you want me to add the auth error section in the JSON?

I pasted wrong post solution here. check updated question


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

We are getting an error saying configuration error found with attribute.

Below is the query 

Mohit_Sanka_0-1723567710002.png

 

  • It should be static query and not with dynamic variable 
  • and your attribute name is different as compared to json

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

I tried to update the attribute name as it was not working on ARS page and throwing an error.

but if the query is static then how can I get the department id from entitlements based on users departmentname?

You can't get in case of rules. In this case, you may need to pass NA


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

NM
Honored Contributor II
Honored Contributor II

@Mohit_Sanka , requestee is another dynamic part.. can you give it a try once by passing a static value in default values

NM
Honored Contributor II
Honored Contributor II

Hi @Mohit_Sanka , my mistake I thought you meant while raising a request

I don't think DA value gets computed when creating account via rule.