and more in a single search tool across platforms. Read the announcement here. |
03/25/2024 05:54 AM
Hi,
We are integrating Dynamics 365 connector in Saviynt and in Dynamics 365 we have 2 type of entitlements, Security Role and Organization. When assign Security role to the user, we have to assign organization to the security role in Dynamics 365.
Now, when we are raising the request, we have selected 1 security role and 1 organization. Below is Add access JSON provided by Saviynt for connection type REST_Dynamics365. In Organization block we need the reference of Security role id and the syntax given by Saviynt is actually for accessing dynamic attribute.
So, we need help to get the security role id reference in organizations call. If anyone has syntax and or any pointer to implement this use case then it will be really helpful. Right now I am testing it as entitlement request but in future these 2 type of entitlements will be raised as enterprise role.
{
"call": [
{
"name": "Roles",
"connection": "userAuth",
"url": "https://<Client>.dynamics.com/Data/SecurityUserRoles",
"httpMethod": "POST",
"httpParams": "{\"UserId\":\"${account.accountID}\",\"SecurityRoleIdentifier\":\"${entitlementValue.entitlementID}\",\"SecurityRoleName\":\"${entitlementValue.entitlement_value}\",\"AssignmentStatus\": \"Enabled\",\"AssignmentMode\": \"Manual\",\"UserLicenseType\": \"Activity\"}",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json",
"OData-Version": "4.0"
},
"httpContentType": "application/json",
"unsuccessResponses": {
"statusCode": [
400,
401
]
},
"successResponses": {
"statusCode": [
200,
201,
204
]
}
},
{
"name": "Organizations",
"connection": "userAuth",
"url": "https://<Client>.dynamics.com/Data/SecurityUserRoleOrganizations",
"httpMethod": "POST",
"httpParams": "{\"UserId\":\"${account.accountID}\",\"SecurityRoleIdentifier\":\"${requestAccessAttributes.SecurityRoleIdentifier}\",\"OrganizationType\": \"${entitlementValue.customproperty3}\",\"OrganizationId\": \"${entitlementValue.entitlementID}\",\"OperatingUnitType\": \"${entitlementValue.customproperty4}\"}",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json",
"OData-Version": "4.0"
},
"httpContentType": "application/json",
"unsuccessResponses": {
"statusCode": [
400,
401
]
},
"successResponses": {
"statusCode": [
200,
201,
204
]
}
}
]
}
Regards,
AP
03/25/2024 06:14 AM
try below syntax for attribute get:
\"SecurityRoleIdentifier\":\"${requestAccessAttributes.get('SecurityRoleIdentifier')\"
03/25/2024 06:29 AM
I have tried this syntax and for that also it's failing.
03/25/2024 06:37 AM
can you share error and logs
03/25/2024 07:34 AM
message":"Write failed for table row of type 'SystemSecurityUserRoleOrganizationEntity'. Infolog: Warning: Matching record with key 'AotName': ${requestAccessAttributes.get(SecurityRoleIdentifier)} for the data source 'SecurityRole' does not exist.","type":"Microsoft.Dynamics.Platform.Integration.Services.OData.AxODataWriteException","stacktrace":" at Microsoft.Dynamics.Platform.Integration.Services.OData.Update.UpdateProcessor.CreateEntity_Save(ChangeOperationContext context, ChangeInfo changeInfo)\r\n at Microsoft.Dynamics.Platform.Integration.Services.OData.Update.ChangeInfo.ExecuteActionsInCompanyContext(IEnumerable`1 actionList, ChangeOperationContext operationContext)\r\n at Microsoft.Dynamics.Platform.Integration.Services.OData.Update.ChangeInfo.TrySave(ChangeOperationContext operationContext)\r\n at Microsoft.Dynamics.Platform.Integration.Services.OData.Update.UpdateManager.SaveChanges()\r\n at Microsoft.Dynamics.Platform.Integration.Services.OData.AxODataDelegatingHandler
03/25/2024 07:37 AM
are you tested with single quote right like belw
${requestAccessAttributes.get('SecurityRoleIdentifier')}
03/25/2024 07:43 AM
Yes. actually this syntax is for accessing Dynamic attribute, but I want to read the value from other entitlement from the request for which also add access task has been created.
03/25/2024 07:45 PM
You need to create dynamic attribute
03/25/2024 07:46 PM
You can try
\"${if(requestAccessAttributes?.get('SecurityRole')!=null){requestAccessAttributes?.get('SecurityRole')}}\"
03/25/2024 10:14 PM
I tried this syntax and it's not working.
04/10/2024 07:44 AM
Hello @AP3 , were you able to get the solution to this or utilized Dynamic attribute? I am facing the same challenge. Please let me know, thanks
04/10/2024 08:08 AM
Hi @SSinha_ ,
I have raised the ticket with Saviynt and still waiting for reply. If I get any solution then will let you know.
04/12/2024 02:29 AM
Okay thanks a lot @AP3