Saviynt Forums

ArW · ‎09/10/2024

Hello,

We are trying to import accounts and accounts to entitlements mapping in a single request within a REST connection.
The application replies the following JSON for its get account method

{
    "data": [
        {
        "firstname": "FName",
        "lastname": "LName",
        "email": "fname.lname@email.com",
        "id": "16184894984591891187",  
        "roles": [
            {
            "saviynt_id": "1234",
            "name": "admin1"
            },
            {
            "saviynt_id": "6789",
            "name": "admin2"
            }
        ]
        }
    ]
  }

I will have control over the roles and will be able to import them prior, so I know that saviynt_id will be mapped to the entitlementID attribute in Saviynt.

For the moment, I have this ImportAccountEntJSON:

{
	"accountParams": {
	  "connection": "userAuth",
	  "processingType": "SequentialAndIterative",
	  "statusAndThresholdConfig": {},
	  "call": {
		"call1": {
		  "callOrder": 0,
		  "stageNumber": 0,
		  "http": {
			"url": "<URL>/users",
			"httpHeaders": {
				"Authorization": "${access_token}"
			},
			"httpContentType": "application/json",
			"httpMethod": "GET"
		  },
		  "listField": "data",
		  "keyField": "accountID",
		  "colsToPropsMap": {
			"accountID": "id~#~char",
			"name": "email~#~char"
		  }
		}
	  }
	},
	"entitlementParams": { 
	},
	"acctEntParams": {
	}
  }

I know that acctEntParams will need to contain this because there is only one request to get both accounts and mapping

"processingType": "acctToEntMapping"

and that I need to add a acctEntMappings block to the accountsParam call. However, since the role in the responses contain an array of object, I'm not sure how I am supposed to process it. Do you have an example how the acctEntMappings block needs to be written in this usecase ?

Thank you !

rushikeshvartak · ‎09/10/2024

Refer https://docs.saviyntcloud.com/bundle/Dev-Handbook-REST-v24x/page/Content/Developers-Handbook.htm

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

ArW · ‎09/10/2024

Hello,

I had already checked the doc but there are no usecases which precisely match mine.

  {
	"accountParams": {
		"connection": "userAuth",
		"processingType": "SequentialAndIterative",
		"statusAndThresholdConfig": {},
		"call": {
			"call1": {
				"callOrder": 0,
				"stageNumber": 0,
				"http": {
					"url": "<URL>/users",
					"httpHeaders": {
						"Authorization": "${access_token}"
					},
					"httpContentType": "application/json",
					"httpMethod": "GET"
				},
				"listField": "data",
				"keyField": "accountID",
				"colsToPropsMap": {
					"accountID": "id~#~char",
					"name": "email~#~char"
				}
			}
		},
		"acctEntMappings": {
			"Roles": {
				"importAsEntitlement": true,
				"listPath": "roles",
				"idPath": "saviynt_id",
				"keyField": "entitlementID",
				"colsToPropsMap": {
					"entitlement_value": "saviynt_id~#~char",
					"entitlementID": "saviynt_id~#~char",
					"displayname": "name~#~char"
				}
			}
		}
	},
	"entitlementParams": {},
	"acctEntParams": {
		"processingType": "acctToEntMapping"
	}
}

I have found an example that might match my usecase (but I'm not sure since there are no JSON examples for it) and have tried to adapt it into this.
The import accounts part works but no entitlements are created nor imported.
I have already created the "Roles" entitlement group for this endpoint

yogesh2 · ‎09/14/2024

Hi @ArW
Did you find a solution to this?
I have similar usecase.

stalluri · ‎09/14/2024

@ArW and @yogesh2

{
  "accountParams": {
    "connection": "acctAuth",
    "processingType": "SequentialAndIterative",
    "call": {
      "call1": {
        "callOrder": 0,
        "stageNumber": 0,
        "http": {
          "url": "XXXXXXXXX",
          "httpHeaders": {
            "Authorization": "${access_token}",
            "Accept": "application/json"
          },
          "httpContentType": "application/json",
          "httpMethod": "GET"
        },
        "listField": "users",
        "keyField": "accountID",
        "statusConfig": {
          "active": "true",
          "inactive": "false"
        },
        "colsToPropsMap": {
          "accountID": "id~#~char",
          "name": "email~#~char",
          "displayName": "name~#~char",
          "customproperty2": "email~#~char",
          "customproperty3": "created_at~#~char",
          "customproperty4": "updated_at~#~char",
          "customproperty5": "role~#~char",
          "status": "active~#~char",
          "customproperty6": "last_login_at~#~char",
          "customproperty7": "custom_role_id~#~char",
          "customproperty8": "default_group_id~#~char",
          "customproperty9": "created_at~#~char",
          "customproperty10": "updated_at~#~char",
          "customproperty11": "suspended~#~char",
          "customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"
        },
        "pagination": {
          "nextUrl": {
            "nextUrlPath": "${response.completeResponseMap.next_page}"
          }
        }
      }
    },
    "acctEntMappings": {
      "Role": {
        "listPath": "",
        "idPath": "custom_role_id",
        "keyField": "entitlementID"
      }
    }
  },
  "entitlementParams": {
    "connection": "acctAuth",
    "processingType": "SequentialAndIterative",
    "entTypes": {
      "Group": {
        "entTypeOrder": 0,
        "entTypeLabels": {
          "customproperty1": "Deleted",
          "customproperty2": "CreatedAt",
          "customproperty3": "UpdatedAt"
        },
        "call": {
          "call1": {
            "callOrder": 0,
            "stageNumber": 0,
            "http": {
              "url": "https://<URL>/api/v2/groups",
              "httpHeaders": {
                "Authorization": "${access_token}",
                "Accept": "application/json"
              },
              "httpContentType": "application/json",
              "httpMethod": "GET"
            },
            "listField": "groups",
            "keyField": "entitlementID",
            "colsToPropsMap": {
              "entitlementID": "id~#~char",
              "entitlement_value": "name~#~char",
              "customproperty1": "deleted~#~char",
              "customproperty2": "created_at~#~char",
              "customproperty3": "updated_at~#~char"
            },
            "pagination": {
              "nextUrl": {
                "nextUrlPath": "${response.completeResponseMap.next_page}"
              }
            },
            "disableDeletedEntitlements": true
          }
        }
      },
      "Role": {
        "entTypeOrder": 1,
        "entTypeLabels": {
          "customproperty1": "Description",
          "customproperty2": "CreatedAt",
          "customproperty3": "UpdatedAt"
        },
        "call": {
          "call1": {
            "callOrder": 0,
            "stageNumber": 0,
            "http": {
              "url": "https://<URL>/api/v2/custom_roles.json",
              "httpHeaders": {
                "Authorization": "${access_token}",
                "Accept": "application/json"
              },
              "httpContentType": "application/json",
              "httpMethod": "GET"
            },
            "listField": "custom_roles",
            "keyField": "entitlementID",
            "colsToPropsMap": {
              "entitlementID": "id~#~char",
              "entitlement_value": "name~#~char",
              "customproperty1": "description~#~char",
              "customproperty2": "created_at~#~char",
              "customproperty3": "updated_at~#~char"
            },
            "pagination": {
              "nextUrl": {
                "nextUrlPath": "${response.completeResponseMap.next_page}"
              }
            },
            "disableDeletedEntitlements": true
          }
        }
      }
    }
  },
  "acctEntParams": {
    "connection": "acctAuth",
    "entTypes": {
      "Group": {
        "call": {
          "call1": {
            "callOrder": 0,
            "stageNumber": 0,
            "processingType": "httpEntToAcct",
            "http": {
              "httpHeaders": {
                "Authorization": "${access_token}"
              },
              "url": "https://<URL>/api/v2/groups/${id}/memberships.json",
              "httpContentType": "application/x-www-form-urlencoded",
              "httpMethod": "GET"
            },
            "listField": "group_memberships",
            "entKeyField": "entitlementID",
            "acctIdPath": "user_id",
            "acctKeyField": "accountID",
            "pagination": {
              "nextUrl": {
                "nextUrlPath": "${response.completeResponseMap.next_page}"
              }
            }
          }
        }
      },
      "Role": {
        "call": {
          "call1": {
            "callOrder": 0,
            "stageNumber": 0,
            "processingType": "acctToEntMapping"
          }
        }
      }
    }
  }
}

Best Regards,
Sam Talluri
If you find this a helpful response, kindly consider selecting Accept As Solution and clicking on the kudos button.

ArW · ‎09/17/2024

@yogesh the issue was coming from

"customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"

It was not clear that this was mandatory

You need to first run the "Account" import run which will set customproperty31
Then, when running the "Access" import, it will process this property which is set on accounts and add entitlements to accounts

krishna_sk · ‎09/18/2024

CP31 is mandatory as it stores the Account-Entitlement mapping information.

Ref link - https://docs.saviyntcloud.com/bundle/Dev-Handbook-REST-v24x/page/Content/Developers-Handbook.htm#imp...

Thank you.

Saviynt Forums

ImportAccountEntJSON - acctEntMappings with an array of entitlements objects