Click HERE to see how Saviynt Intelligence is transforming the industry. |
08/07/2024 06:59 AM
Hi Team,
We have a rest based application integration where we need to provide the entitlement as part of the createAccount json.
Create API payload is as below.
{
"data": {
"email": "test@domain.com",
"tenantRoles": ["Role name selected through ARS"],
"scope": "tenant",
"fullName": "test",
"fullNameReadOnly": "true",
"twoFaEnabled": "true",
"groupReadOnly": "true",
"allowRemoteShell": "true",
"emailReadOnly": "true"
}
}
We are using the below json to create.
{
"accountIdPath": "call1.message.data.id",
"dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
"call": [
{
"name": "call1",
"connection": "acctAuth",
"showResponse": true,
"url": "https://xxxxxxxxxxxxxxxx/web/api/v2.1/users",
"httpMethod": "POST",
"httpParams": "{\"data\": {\"email\": \"${user.email}\",\"tenantRoles\":[\"Role name selected through ARS\"],\"scope\": \"tenant\",\"fullName\":\"${arsTasks.accountName}\",\"fullNameReadOnly\": \"true\",\"twoFaEnabled\": \"true\",\"groupReadOnly\": \"true\",\"allowRemoteShell\": \"true\",\"emailReadOnly\": \"true\"}}",
"httpHeaders": {
"Authorization": "Apikey",
"Accept": "*/*"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
201,
200
]
},
"unsuccessResponses": {
"statusCode": [
401,
400,
403,
404
]
}
}
]
}
When we are hardcoding the value in the tenantroles the data is populating and looks good, and the id is also creating the user in target. But when we are trying to pull dynamically we are unable to.
Please suggest us with a CreateAccountJSON where we can pass the entitlement dynamically as given in the payload.
Thanks
08/07/2024 08:37 AM
${requestAccessAttributes.get('Name of Attribute')}
Developer handbook for reference:
08/07/2024 09:40 AM
hI @dgandhi ,
Thanks for the update.
Please note we do not have any dynamic attribute, rather tenant role is a entitlement type and user need to select that. So once they select that and submit, the user request flows.
Can you please share the createaccount json format for this. In this case we need the entitlement value from the ARS to pass it in the payload.
thanks
08/07/2024 10:38 AM
Try below:
{task.entitlement_valueKey.entitlement_value}
${task?.entitlementValueKey?.entitlement_value}
\"summary\": \"${task.accountName+'_'+task.entitlement_valueKey.entitlement_value}\",
08/07/2024 01:01 PM
Hi @DG1811 , you cannot pass entitlement details in create account json
If you want to do so create a dynamic attribute, list down all the entitlement and pass the same in json
Or
Make entitlement as required so user have to select while submitting an account request.
08/08/2024 03:22 AM
hI @NM ,
I have pulled the entitlements in the EntitlementType Tenant and then created a DynamicAttribute TenantRole and mapped the entitlements present in Tenant to it.
I want to pass the entitlement ID present in CP1 of the entitlement in the attribute name . I used below format,
\"tenantRoles\": [{\"id\": \"${requestAccessAttributes.get('Customproperty1')}}]
and
\"tenantRoles\": [{\"id\": \"${requestAccessAttributes.get('TenantRole.Customproperty1')}}]
and
\"tenantRoles\": [{\"id\": \"${requestAccessAttributes.get('TenantRole')}}]
but while i run it, it gives me below error
"call1":{"headers":null,"message":{"errors":[{"code":4000010,"detail":"data: tenantRoles: 0: id: Not a valid Identifier., "title":"Validation Error"}]},"statusCode":400,"description":null,"status":"Failed"}
Please suggest a format to pass it.
Thanks
08/08/2024 06:31 AM
In same dynamic attribute show cp1 also
select entitlement_value as id, customproperty1 as inlinedescription from entitlement_values
08/07/2024 05:48 PM
08/08/2024 03:14 AM
I have pulled the entitlements in the EntitlementType Tenant and then created a DynamicAttribute TenantRole and mapped the entitlements present in Tenant to it.
I want to pass the entitlement ID present in CP1 of the entitlement in the attribute name . I used below format,
\"tenantRoles\": [{\"id\": \"${requestAccessAttributes.get('Customproperty1')}}]
and
\"tenantRoles\": [{\"id\": \"${requestAccessAttributes.get('TenantRole.Customproperty1')}}]
and
\"tenantRoles\": [{\"id\": \"${requestAccessAttributes.get('TenantRole')}}]
but while i run it, it gives me below error
"call1":{"headers":null,"message":{"errors":[{"code":4000010,"detail":"data: tenantRoles: 0: id: Not a valid Identifier., "title":"Validation Error"}]},"statusCode":400,"description":null,"status":"Failed"}
Please suggest a format to pass it.
Thanks
08/08/2024 03:26 AM
@DG1811 , you can't pass id in this way..
Create one more dynamic attribute while is not editable and on the basis of selection of entitlement populate it automatically with cp1 of that entitlement.
09/06/2024 09:59 AM
hi @NM ,
Okay in that case suppose i have a dynamic attribute1 where i am fetching all the entitlementvalues and that will comeup in the ars form. upon selection by the user, do you want me to create a dynamic attribute 2 which will have the parent as dynamic attribute1 and while passing the value, i will select
${requestAccessAttributes.get('dynamicattribute2')}
is that what you refered. Can you please guide and also please guide with an example please.
Thanks
09/06/2024 10:15 AM
Hi @DG1811 , so the flow will look something like below
1) create DA which will show all the entitlement for the application.. user will select one from it.
2) create another dynamic attribute which will have cp1 value of the entitlement selected in 1st DA
You can make it mandatory and not editable and then pass the same in json
Let me know if you have any other query.. happy to help 🙂
09/06/2024 10:25 AM
Hi @NM ,
How can i perform the second task to pass the cp1 value, selected in the 1stDA. Will this be the config?
Please help on this.
Thanks
09/06/2024 10:31 AM
09/06/2024 10:28 AM - edited 09/06/2024 10:28 AM
@DG1811 okay so ..
After selecting an entitlement from 1DA write an SQl query for DA 2
Sample
Select customproperty1 as ID from entitlement_values where entitlement_value=${DA1 name}
09/06/2024 10:50 AM
Hi @NM ,
But when i mark it non editable and mandatory it stops me to submit the request.
Please validate if the below config looks good.
Dynamicattribute1:
Quesry is as below:
SELECT DISTINCT ev.entitlement_value AS ID FROM entitlement_values ev where ev.entitlementtypekey = key;
DynamicAttribute2:
And query is as below:
SELECT DISTINCT ev.customproperty1 AS ID FROM entitlement_values ev where ev.entitlement_value = ${AllClients}
Please check and let me know if this looks good or not. Please suggest.
Thanks
09/06/2024 10:53 AM - edited 09/06/2024 10:54 AM
@DG1811 add the same query in default value too for DA2 and check is DA2 is getting populated on the ARS page..
And keep mapping as action for both DA's
Share ss..
09/06/2024 11:00 AM
Hi @NM ,
In the Submittion form it gives me this.
Is this the expected behaviour? It should populate the value right.
Thanks
09/06/2024 11:06 AM - edited 09/06/2024 11:07 AM
Yes should show the value..try in data anaylzer and see if it gives any value..instead of using dynamically pass a static value of entitlement in DA2 query.
Also try single quotes before and after the DA name in query
As in '${DA2 name}'
09/06/2024 11:09 AM
09/06/2024 11:13 AM
@DG1811 but not working in request form? topmost value is empty in DA
09/06/2024 11:25 AM
hi @NM ,
Yeah. (topmost value is empty in DA) - did not get this one, can you please elaborate.
Thanks
09/06/2024 11:29 AM
@DG1811 , try with static value in DA and see if you get the result.
09/06/2024 11:33 AM
09/06/2024 11:35 AM
Share both DA configs
09/06/2024 11:36 AM
09/06/2024 11:36 AM
@DG1811 , chances are value is empty .. or same entitlement name exist for any other endpoint.
09/06/2024 12:27 PM
hI @NM / @rushikeshvartak ,
Using the hardcoded value in the below query it worked .
SELECT DISTINCT ev.customproperty1 as id from entitlement_types et inner join endpoints e on et.ENDPOINTKEY=e.ENDPOINTKEY inner join entitlement_values ev on et.ENTITLEMENTTYPEKEY=ev.ENTITLEMENTTYPEKEY where e.ENDPOINTNAME='OneTrack_test' AND et.ENTITLEMENTTYPEKEY=957 AND ev.entitlement_value in ('In Touch Pharmaceuticals')
Below is the format that it shows.
I tried putting the last part as below.
ev.entitlement_value in ('${AllClients}'),
ev.entitlement_value in (${AllClients}),
ev.entitlement_value = '${AllClients}'
nothing worked, Please suggest,
Thanks
09/06/2024 12:46 PM
@DG1811 without quotes
ev.entitlement_value = ${AllClients}
09/06/2024 12:49 PM
Hi @NM ,
tried this too but this too did not work.
thanks
09/06/2024 01:00 PM
@DG1811 is it working for any other entitlement?
09/09/2024 12:32 AM
09/09/2024 05:56 AM
Share document with full latest configuration of both Dynamic attribute, request form view, and logs in text format