and more in a single search tool across platforms. Read the announcement here. |
02/01/2024 12:04 PM - last edited on 02/01/2024 01:27 PM by Dave
We are integrating crowdstrike with REST Connector
For Accounts we have 2 APIs
For Entitlements - 2 APIs
Questions:
Please help us with ImportAccountEntJSON
API 1 - Response : Accounts
{
"meta": {
"query_time": 0.020086269,
"pagination": {
"offset": 0,
"limit": 100,
"total": 57
},
"powered_by": "cs.flightcontrolapi",
"trace_id": "d447c481-b30f-47ce-9a0e-0b8c0e4c58eb"
},
"resources": [
"aafdc9b2-7d48-4864-8b43-6f08156914ba"
]
}
API 2 - Account Info
Body :
curl --location "https://amaskedurlrushi.com" --header "Authorization: Bearer abcd" --header "Content-Type: application/json" --data "{\"ids\":[
\"aafdc9b2-7d48-4864-8b43-6f08156914ba\"]}"
Response:
{
"meta": {
"query_time": 0.016138583,
"powered_by": "cs.flightcontrolapi",
"trace_id": "fd90cdcf-d4d4-4b7b-b140-9199372f5a82"
},
"resources": [
{
"uuid": "aafdc9b2-7d48-4864-8b43-6f08156914ba",
"cid": "2acae8639bf649789b74bd8fea38a732",
"uid": "rushi.vartak@rushi.com",
"first_name": "Rsuhi",
"last_name": "Jenkins",
"last_login_at": "2021-10-27T14:47:25.991Z",
"created_at": "2021-08-05T19:23:26.566Z"
}
]
}
Entitlements
Call 1 : Get Entitlement ID
{
"meta": {
"query_time": 0.013671067,
"powered_by": "cs.flightcontrolapi",
"trace_id": "396a72d5-eea3-4caa-9438-3faad8388fff"
},
"resources": [
"image_viewer"
]
}
Call 2 : Get Entitlement Information
Body :
curl --location "https://masked.com/roles/v1?ids=image_viewer" --header "Authorization: Bearer masked"
Response
{
"meta": {
"query_time": 0.10586239,
"powered_by": "cs.flightcontrolapi",
"trace_id": "8f80b588-9fd6-47b6-9ed6-2d31ed5ddb53"
},
"resources": [
{
"id": "image_viewer",
"display_name": "Container Image Viewer",
"description": "View details about image vulnerabilities, Image Assessment policies, and registry connections.",
"is_global": true
}
]
}
Solved! Go to Solution.
02/05/2024 04:51 AM
Please refer to the developer's handbook and modify the JSON as per the requirement.
Developers Handbook (saviyntcloud.com)
Example 1: Add multiple calls in the accountParams attribute. This example uses the ${accountName} binding variable to iterate the accounts imported as part of call1. Set the dependentCall variable under inputParams to true when the call2 is dependent on call1.
{ "accountParams": { "connection": "acctAuth", "createUsers": true, "adminName": "admin", "processingType": "SequentialAndIterative", "statusAndThresholdConfig": { "deleteLinks": false, "accountThresholdValue": 30, "correlateInactiveAccounts": false, "inactivateAccountsNotInFile": false, "deleteAccEntForActiveAccounts": true }, "call": { "call1": { "callOrder": 0, "stageNumber": 0, "http": { "url": "https://api.**************.com/v1/enterprise/345992/users", "httpHeaders": { "Authorization": "${access_token}" }, "httpContentType": "application/x-www-form-urlencoded", "httpMethod": "GET" }, "listField": "users", "keyField": "accountID", "colsToPropsMap": { "accountID": "id~#~char", "name": "id~#~char" }, "disableDeletedAccounts": true }, "call2": { "callOrder": 1, "stageNumber": 3, "http": { "url": "https://api.**************.com/v1/user/${accountName}", "httpHeaders": { "Authorization": "${access_token}" }, "httpContentType": "application/x-www-form-urlencoded", "httpMethod": "GET" }, "inputParams": { "dependentCall": true }, "listField": "", "keyField": "accountID", "nextApiKeyField": "accountID", "colsToPropsMap": { "accountID": "id~#~char", "name": "username~#~char", "customproperty1": "emailId~#~char", "customproperty2": "lastName~#~char", "customproperty3": "company~#~char", "customproperty4": "timezone~#~char", "customproperty5": "defaultEndpoint~#~char", "customproperty6": "lastLogin~#~char" } } } } }
Example 2: Add multiple calls in the entitlementParams attribute. This example uses the ${entitlementID} binding variable to iterate the entitlementIDs imported as part of call1. Set the entitlementname variable under inputParams to the name of entitlement type when the call2 is dependent on call1.
{ "accountParams": {}, "entitlementParams": { "connection": "acctAuth", "processingType": "SequentialAndIterative", "entTypes": { "zone": { "entTypeOrder": 0, "call": { "call1": { "callOrder": 0, "stageNumber": 0, "http": { "url": "https://*****/Group", "httpHeaders": { "Authorization": "${access_token}", "Accept": "text/json" }, "httpContentType": "application/json", "httpMethod": "GET" }, "listField": "Rsp.Result", "keyField": "entitlementID", "colsToPropsMap": { "entitlementID": "Guid~#~char", "entitlement_value": "Guid~#~char" }, "disableDeletedEntitlements": true }, "call2": { "connection": "acctAuth", "callOrder": 1, "stageNumber": 3, "http": { "url": "https://****/groupID/${entitlementID}", "httpHeaders": { "Authorization": "${access_token}", "Accept": "text/json" }, "httpContentType": "application/json", "httpMethod": "GET" }, "inputParams": { "entitlementname": "zone" }, "listField": "", "keyField": "entitlementID", "colsToPropsMap": { "entitlementID": "Rsp.Result.Guid~#~char", "entitlement_value": "Rsp.Result.Guid~#~char", "customproperty1": "Rsp.Result.AccessPermissionLevel~#~char", "customproperty2": "Rsp.Result.Name~#~char", "customproperty3": "Rsp.Result.OwnerRole~#~char" }, "disableDeletedEntitlements": true } } } } }, "acctEntParams": { } }
Regards,
Dhruv Sharma
02/05/2024 05:04 AM
As per saviynt crowstrick documents, account import is not supported and here we need to send all account id from first api to second not individual.
02/05/2024 12:21 PM
So your call2 is ideally giving more details on the account profile. For this I think you should be able to use dependentCall function with the REST Connector. An individual call will be made for each account that was part of call1 automatically.
https://docs.saviyntcloud.com/bundle/REST-v24x/page/Content/Developers-Handbook.htm
02/05/2024 06:41 PM
Hi Sahil, I'm running into a similar issue as Rushikesh. From my understanding, the dependantCall function will pass the value in the url variable, however, this doesn't work with CrowdStrike. The CrowdStrike API requires that the array of resources returned with the first call, be in the body of the second call to return the account details. @rushikeshvartak have you had any luck getting this working?
02/05/2024 06:43 PM
@Ben I am also in same boat.
As per documentation its not supported.
No luck so far.
Does your connection json working ?
02/06/2024 10:17 AM - edited 02/06/2024 10:17 AM
In this case, it is currently not supported. You can raise an enactment request on the ideas portal for it.
02/07/2024 09:03 AM
Idea ticket raised.
https://ideas.saviynt.com/ideas/EIC-I-5499
04/22/2024 06:52 AM
With help of CSM and client , this idea has been accepted by Saviynt
02/05/2024 07:17 PM
Mmm that's annoying. I was hoping there was a way to iterate through the resources response and store each one against an account with dummy values, then use the second call to true up the attributes.
Yeah, the connection JSON is all fine.
I might just park this for the time being.
02/05/2024 07:19 PM
Can you share connection JSON