Click HERE to see how Saviynt Intelligence is transforming the industry. |
02/15/2024 04:53 AM
Hi,
Im trying to import Accounts and Entitlement for an application using REST connector. Im able to get accounts imported but the Entitlements are not getting imported . The entitlements can be view in the same API call as in accounts import. There is no seperate call for entitlement / groupmembership .
below is the response in postman
Below is the JSON I used initially where entitlements didnt get imported.
I tried with the below JSON, entitlements are created correctly if the user is having one entitlement and if a some user is having multiple entitlements then the one entry is created for entitlements with concat of all entitlement as the entitlement value
{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://energy/api/protected/users/readAllUsers",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "accounts",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "username~#~char",
"name": "username~#~char",
"displayName": "fullname~#~char"
}
}
}
},
"entitlementParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"entTypes": {
"app_roles": {
"entTypeOrder": 0,
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://energy/api/protected/users/readAllUsers",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "accounts",
"keyField": "entitlementID",
"colsToPropsMap": {
"displayName": "app_roles~#~char",
"entitlementID": "app_roles~#~char",
"entitlement_value": "app_roles~#~char"
},
"disableDeletedEntitlements": true
}
}
}
}
},
"acctEntParams": {
"connection": "acctAuth",
"entTypes": {
"app_roles": {
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"processingType": "acctToEntMapping",
"http": {
"httpHeaders": {
"Authorization": "${access_token}"
},
"url": "https://energy/api/protected/users/readSingleUser?username={id}",
"httpMethod": "GET"
},
"listField": "",
"entIdPath": "app_roles",
"entKeyField": "entitlementID",
"acctKeyField": "accountID"
}
}
}
}
}
}
02/19/2024 07:10 PM
Please refer to the below links for getting the relevant ImportAccountEntJSON for importing accounts and entitlements.
Developers Handbook (saviyntcloud.com)
Configuring the Integration for Importing Accounts and Access (saviyntcloud.com)
Solved: Entitlements aren't getting mapped to accounts in ... - Saviynt Forums - 72744
Additionally you can also refer to the Examples for JSON Construction section to info on listField,keyfield etc.
Regards,
Dhruv Sharma
02/20/2024 06:10 AM - last edited on 02/20/2024 06:24 AM by Sunil
@Dhruv_S Thank you,
This is the JSON I have restructed based the Forum you mentioned as well as from doc portal. However what should I give in the colsToPropsMap since the roles doesnt have a field to map.
{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://****/api/protected/omsusers/readAllUsers ",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "accounts",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "username~#~char",
"name": "username~#~char",
"displayName": "fullname~#~char",
"customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"
}
}
},
"acctEntMappings": {
"app_roles": {
"importAsEntitlement": true,
"listPath": "",
"idPath": "app_roles",
"keyField": "",
"colsToPropsMap": {
"entitlementID": "app_roles~#~char",
"entitlement_value":"app_roles~#~char"
}
}
}
},
"entitlementParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"entTypes": {
"app_roles": {}
}
},
"acctEntParams": {
"processingType": "acctToEntMapping"
}
}
[This message has been edited by moderator to disable url link.]
02/20/2024 08:12 AM
Hi @mansoorahmed1
Please try with the below json.
Note: Run both account and access import
Also please confirm if cp31 is populated with values after account recon job.
{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://****/api/protected/omsusers/readAllUsers ",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "accounts",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "username~#~char",
"name": "username~#~char",
"displayName": "fullname~#~char",
"customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"
}
}
},
"acctEntMappings": {
"app_roles": {
"importAsEntitlement": true,
"listPath": "app_roles",
"idPath": "",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlementID": "app_roles~#~char",
"entitlement_value": "app_roles~#~char"
}
}
}
},
"entitlementParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"entTypes": {
"app_roles": {}
}
},
"acctEntParams": {
"processingType": "acctToEntMapping"
}
}
03/06/2024 02:16 AM
I can only see Cp31 is populated but entitlements arent getting created .
02/20/2024 09:06 PM
Below is the CP31 value
{"app_roles":{"entIds":["[WebWorkspace - Control Room, WebWorkspace - Data Capture, WebWorkspace - System Operations, WebWorkspace - View Only, WebCallEntry - Web Call Entry]"]}}
Also the account import jobs fails.
02/20/2024 09:12 PM
Share error logs
02/20/2024 09:49 PM
02/20/2024 10:06 PM
try renaming entitlement type in Saviynt & import json and try app_roles to Roles
03/06/2024 02:15 AM
No Luck there. Still the same
03/08/2024 02:41 AM
Could you please confirm if this issue got resolved ?
If yes- could you please share the working JSON.
If no- could you please confirm the current issue and JSON.
Regards,
Dhruv Sharma