Saviynt Forums

AP3 · ‎03/25/2024

Hi,

We are integrating Dynamics 365 connector in Saviynt and in Dynamics 365 we have 2 type of entitlements, Security Role and Organization. When assign Security role to the user, we have to assign organization to the security role in Dynamics 365.

Now, when we are raising the request, we have selected 1 security role and 1 organization. Below is Add access JSON provided by Saviynt for connection type REST_Dynamics365. In Organization block we need the reference of Security role id and the syntax given by Saviynt is actually for accessing dynamic attribute.

So, we need help to get the security role id reference in organizations call. If anyone has syntax and or any pointer to implement this use case then it will be really helpful. Right now I am testing it as entitlement request but in future these 2 type of entitlements will be raised as enterprise role.

{
"call": [
{
"name": "Roles",
"connection": "userAuth",
"url": "https://<Client>.dynamics.com/Data/SecurityUserRoles",
"httpMethod": "POST",
"httpParams": "{\"UserId\":\"${account.accountID}\",\"SecurityRoleIdentifier\":\"${entitlementValue.entitlementID}\",\"SecurityRoleName\":\"${entitlementValue.entitlement_value}\",\"AssignmentStatus\": \"Enabled\",\"AssignmentMode\": \"Manual\",\"UserLicenseType\": \"Activity\"}",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json",
"OData-Version": "4.0"
},
"httpContentType": "application/json",
"unsuccessResponses": {
"statusCode": [
400,
401
]
},
"successResponses": {
"statusCode": [
200,
201,
204
]
}
},
{
"name": "Organizations",
"connection": "userAuth",
"url": "https://<Client>.dynamics.com/Data/SecurityUserRoleOrganizations",
"httpMethod": "POST",
"httpParams": "{\"UserId\":\"${account.accountID}\",\"SecurityRoleIdentifier\":\"${requestAccessAttributes.SecurityRoleIdentifier}\",\"OrganizationType\": \"${entitlementValue.customproperty3}\",\"OrganizationId\": \"${entitlementValue.entitlementID}\",\"OperatingUnitType\": \"${entitlementValue.customproperty4}\"}",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json",
"OData-Version": "4.0"
},
"httpContentType": "application/json",
"unsuccessResponses": {
"statusCode": [
400,
401
]
},
"successResponses": {
"statusCode": [
200,
201,
204
]
}
}
]
}

Regards,

AP

CR · ‎03/25/2024

try below syntax for attribute get:

\"SecurityRoleIdentifier\":\"${requestAccessAttributes.get('SecurityRoleIdentifier')\"

Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.

AP3 · ‎03/25/2024

I have tried this syntax and for that also it's failing.

CR · ‎03/25/2024

can you share error and logs

Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.

AP3 · ‎03/25/2024

message":"Write failed for table row of type 'SystemSecurityUserRoleOrganizationEntity'. Infolog: Warning: Matching record with key 'AotName': ${requestAccessAttributes.get(SecurityRoleIdentifier)} for the data source 'SecurityRole' does not exist.","type":"Microsoft.Dynamics.Platform.Integration.Services.OData.AxODataWriteException","stacktrace":" at Microsoft.Dynamics.Platform.Integration.Services.OData.Update.UpdateProcessor.CreateEntity_Save(ChangeOperationContext context, ChangeInfo changeInfo)\r\n at Microsoft.Dynamics.Platform.Integration.Services.OData.Update.ChangeInfo.ExecuteActionsInCompanyContext(IEnumerable`1 actionList, ChangeOperationContext operationContext)\r\n at Microsoft.Dynamics.Platform.Integration.Services.OData.Update.ChangeInfo.TrySave(ChangeOperationContext operationContext)\r\n at Microsoft.Dynamics.Platform.Integration.Services.OData.Update.UpdateManager.SaveChanges()\r\n at Microsoft.Dynamics.Platform.Integration.Services.OData.AxODataDelegatingHandler

CR · ‎03/25/2024

are you tested with single quote right like belw

${requestAccessAttributes.get('SecurityRoleIdentifier')}

Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.

AP3 · ‎03/25/2024

Yes. actually this syntax is for accessing Dynamic attribute, but I want to read the value from other entitlement from the request for which also add access task has been created.

rushikeshvartak · ‎03/25/2024

You need to create dynamic attribute

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

rushikeshvartak · ‎03/25/2024

You can try

\"${if(requestAccessAttributes?.get('SecurityRole')!=null){requestAccessAttributes?.get('SecurityRole')}}\"

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

AP3 · ‎03/25/2024

I tried this syntax and it's not working.

SSinha_ · ‎04/10/2024

Hello @AP3 , were you able to get the solution to this or utilized Dynamic attribute? I am facing the same challenge. Please let me know, thanks

AP3 · ‎04/10/2024

Hi @SSinha_ ,

I have raised the ticket with Saviynt and still waiting for reply. If I get any solution then will let you know.

SSinha_ · ‎04/12/2024

Okay thanks a lot @AP3

Saviynt Forums

Reference on entitlement from add access task in other entitlement add access task