Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

how do you manage an account that can be created via ARS request and via birthright

Go to solution
travemole
Regular Contributor
Regular Contributor

‎11/16/2023 07:51 AM

Hello Team,

I'm trying to create an account for an endpoint that should be birthright and at the same time requesteable via ARS request.

 

The issue that I'm facing is that I have a dynamic property:
requestAccessAttributes?.get('DynInitialPOS') and this of course fails during birthright because requestAccessAttributes class does not load.

Is there a way to achieve this without having to write all the java code of the dynamic property?

Kind regards,

Albert.

 

Labels:
0 Kudos
4 REPLIES 4

Go to solution
Saathvik
All-Star
All-Star

‎11/16/2023 01:25 PM

@travemole : Can you provide more details about use case with example? Unable to understand the requirement with provided details


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.
0 Kudos

Go to solution
travemole
Regular Contributor
Regular Contributor
In response to Saathvik

‎11/17/2023 12:25 AM

Hi @Saathvik ,

Sure, basically I want to be able to create a connector that will work with ARS request and at the same time Birthright. I know that very basic stuff like user.username and so on will work but I would like to do complex calculations also. Is that feasible or I really need to write the conditions directly in the rule as said below by @rushikeshvartak?

EXAMPLE:
Create account Json:
{
"accountIdPath": "call2.message.id",
"dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
"responseColsToPropsMap": {
"customproperty17": "call1.message.id~#~char",
"customproperty1": "call2.message.id~#~char"
},
"call": [
{
"name": "call1",
"connection": "userAuth",
"url": "XXXXXX",
"httpMethod": "POST",
"httpParams": "{\"FirstName\":\"${user.firstname}\",\"LastName\":\"${user.lastname}\",\"Email\":\"${user.email}\",\"AccountId\":\"${String dnypos = requestAccessAttributes?.get('DynInitialPOS').replace('[','').replace(']','').trim();return dnypos;}\",\"B2B_ExternalId__c\":\"${user.email}\"}",
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201,
204,
205
]
}
},
{
"name": "call2",
"connection": "userAuth",
"url": "XXXXXX",
"httpMethod": "POST",
"httpParams": "{\"FirstName\":\"${user?.firstname}\",\"LastName\":\"${user?.lastname}\",\"Email\":\"${user.email}.invalid\",\"TimeZoneSidKey\":\"${user?.customproperty11}\",\"LocaleSidKey\":\"${user?.customproperty12}\",\"EmailEncodingKey\":\"UTF-8\",\"LanguageLocaleKey\":\"${user?.customproperty12}\",\"Username\":\"${accountName}\",\"FederationIdentifier\":\"${user.email}\",\"B2B_ExternalId__c\":\"${user.email}\",\"ProfileId\":\"00e09000003qQMwAAM\",\"ContactId\":\"${response.call1.message.id.toString()}\",\"Alias\":\"${String fname=user?.firstname.toLowerCase().trim();String lname=user?.lastname.toLowerCase().trim();String mname = 'alias';mname =(fname == null ? '' : fname)+(lname == null ? '' : lname)+mname;return mname.substring(0,7);}\"}",
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201,
204,
205
]
}
}
]
}


DynInitial POS query that I don't want to write as condition if possible:
select ev.customproperty1 as ID from entitlement_values ev LEFT JOIN entitlement_types evt on evt.ENTITLEMENTTYPEKEY = ev.ENTITLEMENTTYPEKEY LEFT JOIN endpoints ep on evt.endpointkey = ep.endpointkey inner join ( select CASE WHEN ( LOCATE(',', u.customproperty60) ) > 0 THEN ( select c.customproperty9 from customer c where c.CUSTOMERNAME = LEFT( u.customproperty60, LOCATE(',', u.customproperty60) -1 ) ) ELSE ( select c.customproperty9 from customer c where c.CUSTOMERNAME = u.customproperty60 ) END as ID from users u where u.userkey in (${requestee}) LIMIT 1 ) as B where ev.customproperty11 = B.ID and evt.entitlementname = 'XXXXX' and ep.endpointname = 'XXX'

Kind regards,

Albert.

0 Kudos

Go to solution
Saathvik
All-Star
All-Star
In response to travemole

‎11/17/2023 04:01 AM

@travemole : Yes since you are dependent on dynamic attribute which is only available through ARS. In your createAccountJSON you need to use if-else condition based on task source to vary the value accordingly


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.
0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star

‎11/16/2023 09:53 PM

based on task source you can write condition


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos
Copyright © 2024 Khoros, LLC