Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Mapping servicenow entitlement owner using Rest API

Go to solution
rajesh005
New Contributor
New Contributor

‎10/31/2022 02:30 PM - last edited on ‎10/31/2022 03:38 PM by Community Manager

I am looking for an option to map servicenow group owners directly from REST api call.  I am using entOwnerMappings field in entitlmentparams of importaccountentjson.

PFA the response.txt which shows how the response looks. In the json response manager.value holds the the value of the owner of that group (this value is sys_id). Currenlty I have populated the sys_id value manually in customproperty65 of that owner in saviynt and mapped that value in entitlement value cp2. You can see that as below

rajesh005_0-1667251521796.png

Currently after running entitlement import, I am seeing the above user becoming owner for those entitlements. I have attached the importaccountentjson and the logs. I dont see any error on logs. 

 

Labels:
0 Kudos
21 REPLIES 21

Go to solution
rushikeshvartak
All-Star
All-Star

‎10/31/2022 03:06 PM

Please share json & response 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

Go to solution
rajesh005
New Contributor
New Contributor

‎11/01/2022 09:08 AM

I assumed I have added. I jam attaching here  

Preview file
6 KB
Preview file
4986 KB
Preview file
4804 KB
0 Kudos

Go to solution
Vedanth_BK
Saviynt Employee
Saviynt Employee
In response to rajesh005

‎11/09/2022 05:05 AM

Hi Rajesh,

Since the owner information is part of the GET group API, please add the acctEntMappingInfoColumnFromEnt in colsToPropsMap to store the owner information and the processingType entToAcctMapping in acctEntParams to map the owners to their entitlement values.

Please note that users must be imported in order to be mapped as owners, and if the users are imported from a connector/source other than the REST connector- the UserSource should be specified in the ImportAccountEntitlementJSON. The UserSourcekey information will be available in the user's table.
Please find the attached document containing a sample ImportAccountEntitlementJSON for this use case.


Thank you
Vedanth B.K

Preview file
5 KB
0 Kudos

Go to solution
rajesh005
New Contributor
New Contributor
In response to Vedanth_BK

‎11/09/2022 09:31 AM

Vedanth, you mentioned to use processing type as entToAcctMapping in acctEntParams but in the sample you provided I dont see that, I see "SequentialAndIterative" can you confirm that

 

 

0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to rajesh005

‎11/09/2022 09:34 AM

Thats should not be an issue. are you facing any issue


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

Go to solution
Vedanth_BK
Saviynt Employee
Saviynt Employee
In response to rajesh005

‎11/09/2022 07:31 PM

@rajesh005 Please check the call2 in acctEntParams.

0 Kudos

Go to solution
rajesh005
New Contributor
New Contributor
In response to Vedanth_BK

‎11/12/2022 04:26 PM

Vedanth, I tried with the option you suggested but it didn't seemed to work. I am attaching the updated importaccountentjson, logs during group import and the rest api response for group import api call.

Preview file
6 KB
Preview file
4817 KB
Preview file
8396 KB
0 Kudos

Go to solution
GauravJain
Regular Contributor
Regular Contributor

‎01/12/2023 05:33 AM

Rajesh - whats the source of "users" data in Saviynt - is it coming from ServiceNow / LDAP or any other system? If its ServiceNow and you have configured "ImportUserJSON" in REST connector then you dont need to use "userSourceList" for sure. Please share source system name.

0 Kudos

Go to solution
rajesh005
New Contributor
New Contributor

‎01/18/2023 01:19 PM

users are coming from workday. 

0 Kudos

Go to solution
Vedanth_BK
Saviynt Employee
Saviynt Employee
In response to rajesh005

‎01/18/2023 07:54 PM

Rajesh,
The UserSourcekey information will be available in the user's table. Please check the sample shared above and add the UserSource under globalSettings.
Thanks 

0 Kudos

Go to solution
GauravJain
Regular Contributor
Regular Contributor
In response to rajesh005

‎01/20/2023 03:46 AM

Use following query to get all user sources and put them in global settings

select distinct USERSOURCE, count(*) from users group by username

"globalSettings": {
"userSourceList": [
"1",""2"
]
},

OR use this which will automatically cover all options

"globalSettings": {
"userSourceList": [
"ALL"
]
},

0 Kudos

Go to solution
rajesh005
New Contributor
New Contributor

‎03/14/2023 08:24 AM

Servicenow team had generated scripted api's instead of out of the box rest api's. So I believe mapping entitlment owner will be easy.

However, I am still not seeing entitlement owners getting mapped. I am attaching postman output for entitlement recon, logs and importaccountentjson.

To summarize, the owner I need to map for each entitlement is coming in "manager" parameter (you can see that in attached postman response. In saviynt that value is stored as systemusername for each user in users table. 

Can you let me know what mistake I am doing.

 

 

Preview file
3 KB
Preview file
787 KB
Preview file
1299 KB
0 Kudos

Go to solution
Vedanth_BK
Saviynt Employee
Saviynt Employee
In response to rajesh005

‎03/14/2023 09:47 PM

 

Hi @rajesh005 

Analyzing the attached JSON and response, I observed the below
* Result is mentioned again in listField of entOwnerMappings and the processing type.
Use the below sample:

"entOwnerMappings": {
"listField": "",
"idPath": "Manager",
"keyField": "systemusername"
}
}

* acctEntMappingInfoColumnFromEnt attribute is specified in the colsToPropsMap of entitlementParams.
* The processing type "entToAcctMapping" is not present in acctEntParams.

In case you require additional details,The sample JSON for this scenario is available in the REST Connector guide under Developers Handbook->Importing Entitlement Owners

Also, please verify that the users are present in the users table and since the keyField is mapped to systemusername, ensure that the response(manager attribute) matches the same value.

Thank you
Vedanth B.K

Go to solution
GauravJain
Regular Contributor
Regular Contributor
In response to rajesh005

‎03/14/2023 11:09 PM

Hi @rajesh005 

You should make following changes :

1) Add "acctEntMappingInfoColumnFromEnt" inside "colsToPropsMap" for Group entType as shown below

"colsToPropsMap": {
"entitlementID": "Sys ID~#~char",
"entitlement_value": "Name~#~char",
"description": "Description~#~char",
"customproperty1": "Active~#~char",
"customproperty2": "Manager~#~char",
"status": "Active~#~char",
"acctEntMappingInfoColumnFromEnt": "STORE#ACC#ENT#MAPPINGINFO~#~char"
}

2) Keep "listField" as blank as you have owner data at results level only

"entOwnerMappings": {
"listField": "",
"idPath": "Manager",
"keyField": "systemusername"
}

3) Inside "acctEntParams" configuration, have another call "call2" 

"call2": {
"connection": "acctAuth",
"callOrder": 0,
"stageNumber": 0,
"showJobHistory": true,
"processingType": "entToAcctMapping",
"ownerKeyField": "systemusername"
}

Note: systemusername must match with "manager" field in your json and must be present in your users dump in Saviynt.

Go to solution
rajesh005
New Contributor
New Contributor

‎03/15/2023 08:31 AM

Gaurav and Vedanth,

Thanks for your response. I am able to map entitlement owner now, only change I had done is changed owner field "systemusername to "systemUserName" looks like the attribute is case sensitive (PFA the updated json).

However I do have following questions and want to know if it is possible.

  1. With the json I attached, currently owner is getting mapped as Rank1. I also want to map same owner as rank 26 (primary certifier for certifications). So after the recon for each entitlement we should have a owner with rank 1 and rank 26.
  2. If the servicenow team updates the group owner to a different user, then after group recon Saviynt should update the existing entitlement owner to a new owner.  with the current json, this is not happening, I am seeing a new owner is getting added as rank 1 along with old owner. So after the recon that entitlement is having two owners (old and new) with rank 1.

Please let me know if above things are possible OOTB with the REST connector.

 

 

Preview file
4 KB
0 Kudos

Go to solution
GauravJain
Regular Contributor
Regular Contributor
In response to rajesh005

‎03/15/2023 08:55 AM

Hi @rajesh005 in your updated json, i can see you have followed all the suggestions provided by me and @Vedanth_BK  to make it work. why do you say that you only made changes to "systemusername" field? 

0 Kudos

Go to solution
rajesh005
New Contributor
New Contributor
In response to GauravJain

‎03/15/2023 09:19 AM

What I meant was apart from what you suggested(which I added), the other change I made is on systemusername field.

Can you also let me know the other  questions i had

0 Kudos

Go to solution
rajesh005
New Contributor
New Contributor

‎03/16/2023 09:20 AM

@GauravJain or @Vedanth_BK Do you have any thought above asked things and if it is feasible with rest connector

rajesh005_0-1678983635411.png

 

0 Kudos

Go to solution
SB
Saviynt Employee
Saviynt Employee
In response to rajesh005

‎04/05/2023 11:19 AM

@rajesh005 

1. Setting the owner rank is currently not supported via REST. You will need to use CSV upload in order to update the owner ranks.

https://docs.saviyntcloud.com/bundle/EIC-Admin-v23x/page/Content/Chapter02-Identity-Repository/Uploa...

2. Unfortunately the removal of Previous owner is also not supported but you can certainly log this requirement to our Ideas portal. https://ideas.saviynt.com

For now, we can achieve this via the Schema connector. You can use the delete query to remove the old owner from the entitlement. 


Regards,
Sahil

Go to solution
piyushm
Regular Contributor II
Regular Contributor II
In response to SB

‎06/02/2023 09:56 AM

Hi @SB , On the similar lines but instead of systermusername , the manager.value is sys_id from SNOW in the Entitlement API response. Is it still possible to correlate the owner to an entitlement without manually populating sys_id of each user in the users table(Customproperty)? sys_id can be populated in the accounts customproperty during accounts import. Can we map the owner using accounts customproperty(sys_id)?

0 Kudos

Go to solution
SB
Saviynt Employee
Saviynt Employee
In response to piyushm

‎06/08/2023 08:31 AM

The owner can be mapped using User's attribute value.


Regards,
Sahil
0 Kudos
Copyright © 2024 Khoros, LLC