Click HERE to see how Saviynt Intelligence is transforming the industry. |
07/05/2024 04:54 AM - last edited on 07/07/2024 07:10 AM by Sunil
Hi All,
We are trying to build a rest connection for an Oracle EPM application. Below is how a sample JSON response looks like -
"details": [
{
"userlogin": "XXXX",
"firstname": "XX",
"lastname": "XXX",
"email": "abc@contractor.com",
"group": [
{
"direct": "Yes",
"groupname": "ASDIGDOM"
},
{
"direct": "No",
"groupname": "Ad Sales Digital Forms"
},
]
},
{
"userlogin": "yyyy",
"firstname": "yyy",
"lastname": "yyy",
"email": "hgfdg@contractor.com",
"group": [
{
"direct": "Yes",
"groupname": "ASDIGDOM_View"
},
{
"direct": "No",
"groupname": "Ad Sales Digital Forms"
},
]
}
We are able to import accounts but not entitlements...Could you please suggest what needs to be updated. We just have one API endpoint to import accounts, entitlements and association.
Below is an ImportAccountEntJSON that we've configured.
{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"call": {
"call0": {
"callOrder": 1,
"stageNumber": 1,
"http": {
"httpMethod": "GET",
"url": "https://removed.oraclecloud.com/interop/rest/security/v2/report/usergroupreport ",
"httpHeaders": {
"Authorization": "${access_token}"
}
},
"listField": "details",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "userlogin~#~char",
"name": "userlogin~#~char",
"customproperty1": "firstname~#~char",
"customproperty2": "lastname~#~char",
"customproperty3": "email~#~char",
"customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"
}
}
},
"acctEntMappings": {
"group": {
"listPath": "group",
"idPath": "groupname",
"keyField": "entitlementID"
}
}
},
"entitlementParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"entTypes": {
"group": {
"entTypeOrder": 1,
"call": {
"call1": {
"callOrder": 1,
"stageNumber": 1,
"http": {
"httpHeaders": {
"Authorization": "${access_token}"
},
"url": "https://removed.oraclecloud.com/interop/rest/security/v2/report/usergroupreport ",
"httpMethod": "GET"
},
"listField": "group",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlementID": "groupname~#~char",
"entitlement_value": "groupname~#~char"
}
}
}
}
}
},
"acctEntParams": {
"entTypes": {
"group": {
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"processingType": "acctToEntMapping"
}
}
}
}
}
}
[This message has been edited by moderator to disable url hyperlink]
07/05/2024 06:08 AM
Hi @Gurukrishna96 please try the below JSON
{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"acctEntMappings": {
"group": {
"importAsEntitlement": true,
"listPath": "group",
"idPath": "groupname",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlement_value": "groupname~#~char",
"entitlementID": "groupname~#~char"
}
}
},
"call": {
"call1": {
"callOrder": 0,
"listField": "details",
"keyField": "accountID",
"http": {
"url": "https://XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"httpMethod": "GET",
"httpContentType": "application/json",
"httpHeaders": {
"Authentication": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"Accept": "application/json"
}
},
"colsToPropsMap": {
"accountID": "userlogin~#~char",
"name": "userlogin~#~char",
"customproperty1": "firstname~#~char",
"customproperty2": "lastname~#~char",
"customproperty3": "email~#~char",
"customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"
}
}
}
},
"entitlementParams": {
"processingType": "SequentialAndIterative",
"entTypes": {
"group": {
"entTypeOrder": 0,
"call": {}
}
}
},
"acctEntParams": {
"entTypes": {
"group": {
"call": {
"call1": {
"processingType": "acctToEntMapping",
"http": {}
}
}
}
}
}
}
07/07/2024 06:01 AM
Thanks @naveenss This worked!
We are able to import group names now.
Could you please also suggest if it is possible to associate the "direct" field with the groupname in the same block. For example,
"group": [
{
"direct": "Yes",
"groupname": "ASDIGDOM"
},
07/07/2024 07:05 PM
In this case you need to import Group Entitlement using separate API to pull Group metadata into Saviynt
07/07/2024 09:56 PM
Hi @Gurukrishna96 please use the below JSON
{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"acctEntMappings": {
"group": {
"importAsEntitlement": true,
"listPath": "group",
"idPath": "groupname",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlement_value": "groupname~#~char",
"entitlementID": "groupname~#~char",
"customproperty1": "direct~#~char"
}
}
},
"call": {
"call1": {
"callOrder": 0,
"listField": "details",
"keyField": "accountID",
"http": {
"url": "https://XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"httpMethod": "GET",
"httpContentType": "application/json",
"httpHeaders": {
"Authentication": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"Accept": "application/json"
}
},
"colsToPropsMap": {
"accountID": "userlogin~#~char",
"name": "userlogin~#~char",
"customproperty1": "firstname~#~char",
"customproperty2": "lastname~#~char",
"customproperty3": "email~#~char",
"customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"
}
}
}
},
"entitlementParams": {
"processingType": "SequentialAndIterative",
"entTypes": {
"group": {
"entTypeOrder": 0,
"call": {}
}
}
},
"acctEntParams": {
"entTypes": {
"group": {
"call": {
"call1": {
"processingType": "acctToEntMapping",
"http": {}
}
}
}
}
}
}
07/08/2024 04:01 AM
Hi @naveenss Thanks for the suggestion, however, since users will have multiple groups with each group having either "Yes" or "No" for the "direct" key, I am not sure if adding it to account's cp1 would be feasible.
@rushikeshvartak we just have one endpoint to bring in the values of account and entitlements. Also, I don't believe that "direct" key is part of group metadata as this field defines whether user is directly a part of the group or indirectly through some other group association.
Please feel free to correct me.
Here's a sample for better clarity -
{
"details": [
{
"userlogin": "xxxxx",
"firstname": "xxxx",
"lastname": "xxxxx",
"email": "xxxxl@xxxxr.com",
"group": [
{
"direct": "Yes",
"groupname": "ASDIGDOM"
},
{
"direct": "No",
"groupname": "Ad Sales Digital Forms"
},
{
"direct": "No",
"groupname": "Ad Sales Digital Rules"
},
{
"direct": "No",
"groupname": "Ad Sales Digital Task List"
}
]
}
]
}
07/08/2024 04:58 AM
Hi @Gurukrishna96 the above JSON will not add "direct" to the account CP1. It will store it in entitlement CP1.