Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

If-Else and Ternary operator Condition for URL in JSON

ShyamSrisailam
Regular Contributor
Regular Contributor

Hi All,
Requirement:

1. AD Group creation has to be done from ARS - Group provisioning and import is happening (Ex: Connection Name: AD_1)(Connector type: AD)

2. Once the import happens, we are showing the AD Groups as an Entitlements in ARS where user will request those entitlements and it has to create ticket for this. (Ex: Connection Name: AD_ticket) (Connector type: REST)

So, In Security System we are adding below options.

Connection - AD_1

Provisioning Connection - AD_1

ServiceDesk Connection - AD-ticket

Issue:

Now, when I'm creating the AD Groups it is provisioning groups to AD and at the same time it's generating the ticket for ServiceNow because we have added both connections (AD_1 and AD_ticket) in SS.

 

I've tried, keeping a condition in URL for CreateticketJSON (in AD_ticket connection) as below but didn't work

-"url": "${if(task.tasktype==24){''}else{'https://<URL>/api/sjcrh/v1/infosec_access/ManualAccess'}}",

- "url": "${if(task.tasktype==24){''}else{\"https://<URL>/api/sjcrh/v1/infosec_access/ManualAccess\"}}",

-"url": "#CONST#${if(task.tasktype==24){''}else{\"https://<URL>/api/sjcrh/v1/infosec_access/ManualAccess\"}}",

-"url": "#CONST%23${if(task.tasktype==24){''}else{\"https://<URL>/api/sjcrh/v1/infosec_access/ManualAccess\"}}",

 

FYI, task.tasktype=24 is for create entitlement request.

 

Any suggestion where we can stop triggering ticket for when AD Group creation happens.

 

Thanks,

Shyam

Regards
SrisailamShyamSundarGoud
4 REPLIES 4

rushikeshvartak
All-Star
All-Star

In connection don’t send connection name

${(task.tasktype == 24) ? '': 'userAuth'}


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Hi @rushikeshvartak 

tried the above syntax in json but giving me the below ERROR:

responseText:{"error":{"message":"User Not Authenticated","detail":"Required to provide Auth information"},"status":"failure"}, cookies:[BIGipServerpool_stjudedev=ab47f76c024dfdfaf710a29bcc4ca238; httponly; secure; path=/; SameSite=None, JSESSIONID=53470E434C5E0AE294B4697026330761; Path=/; HttpOnly; secure; SameSite=None], statusCode:401]
2023-07-31/09:24:20.469 [{}] [quartzScheduler_Worker-5] DEBUG rest.RestUtilService - pullObjectsByRest - responseStatusCode ::401
2023-07-31/09:24:20.469 [{}] [quartzScheduler_Worker-5] DEBUG rest.RestProvisioningService - Entered getResponseHeaders method
2023-07-31/09:24:20.469 [{}] [quartzScheduler_Worker-5] DEBUG rest.RestProvisioningService - responseError : null
2023-07-31/09:24:20.469 [{}] [quartzScheduler_Worker-5] DEBUG rest.RestProvisioningService - isAuthError: false

 

FYI, Attaching the tested Json, let me know if needed any changes.

 

Regards
SrisailamShyamSundarGoud

Hi @ShyamSrisailam you can also add the same condition in the "name" parameter of the create ticket json. Please find the below sample.

"name": "${(task?.tasktype==24)?'No_Action_Required_call_for_ad_group_creation':'call1'}" 

{

    "call": [
        {

            "name": "${(task?.tasktype==24)?'No_Action_Required_call_for_ad_group_creation':'call1'}",

            "connection": "${(task.tasktype == 24) ? '': 'userAuth'}",

            "url": "<URL>",

            "httpMethod": "POST",

            "httpParams": "{\"instructions\":\"Request to ${if(task.tasktype==2 && (allEntitlementsValues==null || allEntitlementsValues.isEmpty() || allEntitlementsValues=='')){'Delete Account and associated Network folders and file'}else if(task.tasktype==3){'Add New Account in'}else if(task.tasktype==2){'Update Access in'}else if(task.tasktype==1){'Update Access in'}else if(task.tasktype==6){'Enable Account in'}else if(task.tasktype==14){'Disable Account in'}else if(task.tasktype==12){'Update Account in'}else{task.tasktype}} ${endpoint?.displayName}\",\"details\":\"${if((task.tasktype==2 && (allEntitlementsValues==null || allEntitlementsValues.isEmpty() || allEntitlementsValues=='')) || (task.tasktype==3) || (task.tasktype==2) || (task.tasktype==1) || (task.tasktype==6) || (task.tasktype==14)){'Below are the details to \\\\n \\\\nName          :          '+user.firstname+' '+(user.middlename!=null?user.middlename:'')+' '+user.lastname+'\\\\nUsername          :          '+user.username+'\\\\nEmployeeID          :          '+user.employeeid+' \\\\nUser Email          :          '+(user.email!=null?user.email:user.secondaryEmail!=null?user.secondaryEmail:'No email address available in Saviynt')+'\\\\nDepartment Name          :          '+user.departmentname+' \\\\nDepartment Number          :          '+user.departmentNumber+'\\\\nTitle          :          '+user.title+'\\\\nManager          :          '+user.owner+'\\\\nEnd Date          :          '+user.enddate+'\\\\nStatus          :          '+(user.statuskey==1?'Active Account':'Suspend or Deactivate Account')+' \\\\nRequestKey          :          '+task.requestKey+'\\\\nRequestID          :          '+(task.requestKey!=null?task.requestKey?.processinstanceid?.substring(task.requestKey?.processinstanceid?.indexOf('.') + 1, task.requestKey?.processinstanceid?.length()):task.id)+'\\\\nBusiness Justification          :          '+(task.requestKey==null?'':task.requestKey?.comments?.replaceAll('<.*?>','').replaceAll('\\n','').replaceAll('\\r','').replaceAll('[^ -~À-ÿ]+','').replaceAll(new String('XFw='.decodeBase64()),new String('XFxcXA=='.decodeBase64())))+'\\\\nEntitlements          :          '+(allEntitlementsValues.replaceAll('\\n',' ').replaceAll(':: Group :',' :'))+''}else if(task.tasktype==12){'Update Account in '+endpoint?.displayName+'\\\\n \\\\nFirstName          :          '+user.firstname+'\\\\nMiddleName          :          '+(user.middlename!=null?user.middlename:'')+'\\\\nLastName          :          '+user.lastname+'\\\\nUsername          :          '+user.username+'\\\\nEmployeeID          :          '+user.employeeid+' \\\\nUser Email          :          '+(user.email!=null?user.email:user.secondaryEmail!=null?user.secondaryEmail:'No email address available in Saviynt')+'\\\\nDepartment Name          :          '+user.departmentname+' \\\\nDepartment Number          :          '+user.departmentNumber+'\\\\nTitle          :          '+user.title+'\\\\nManager          :          '+user.owner+''}else{task.tasktype}}\", \"user\":\"${user.username}\" , \"group\":\"0142041b4ff152004ce80ad14210c7f2\"}",

            "httpHeaders": {

                "Authorization": "${access_token}"

            },

            "httpContentType": "application/json",

            "ticketidPath": "result.request_number",

            "unsuccessResponses":
            {

                "message": ""

            }

        }

    ]

}

Let me know if this helps!

 

 

Regards,
Naveen Sakleshpur
If this reply answered your question, please click the Accept As Solution button to help future users who may have a similar problem.

Hi @naveenss ,

Tried the syntax it is not creating the ticketNo for AD Group creation that is good, but it should create a ticket if user request for (AD_ticket) where user requests for AD_group entitlements through ARS but it's getting ERRORED out.

json is --- {"taskid":null,"provisioningComments":"Error in getting Ticket Number. Response: {\"error\":{\"message\":\"User Not Authenticated\",\"detail\":\"Required to provide Auth information\"},\"status\":\"failure\"}"}

pullObjectsByRest - responseStatusCode ::401

 

Regards
SrisailamShyamSundarGoud