Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

REST Connector to import Azure AD Guest Accounts and Entitlement

amitasingh123
New Contributor
New Contributor

Hi Team,

I am trying to import Azure AD guest accounts and entitlements using the JSON below. The guest accounts are imported successfully, but I'm having issues with the entitlements. My questions are: First, how can I create the default entitlement type as defined on the Azure side, instead of specifying the entitlement type as "Group" in the JSON body, similar to how the OOB Azure connector does it? Second, how do I perform account to entitlement mapping using JSON.

{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://graph.microsoft.com/v1.0/users?$count=true&$filter=userType%20eq%20%27Guest%27&$select=id,us...",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/x-www-form-urlencoded",
"httpMethod": "GET"
},
"statusConfig": {
"active": "true",
"inactive": "false"
},
"listField": "value",
"keyField": "accountID",
"colsToPropsMap": {
"customproperty1": "displayName~#~char",
"customproperty2": "userType~#~char",
"customproperty3": "mail~#~char",
"name": "userPrincipalName~#~char",
"status": "accountEnabled~#~char",
"accountID": "id~#~char"
},
"pagination": {
"nextUrl": {
"nextUrlPath": "${headers?.Link?.split(';')?.size()==5?headers?.Link?.split(';')[2]?.replace('rel=\"prev\",<', '')?.replace('>','')?.trim():headers?.Link?.split(';')?.size()==4 && headers?.Link?.split(';')[2].contains('rel=\"next\",<')?headers?.Link?.split(';')[1]?.replace('rel=\"first\",<', '')?.replace('>','')?.trim():null}"
}
}
}
}
},
"entitlementParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"entTypes": {
"Group": {
"entTypeOrder": 0,
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://graph.microsoft.com/v1.0/groups/",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "value",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlementID": "id~#~char",
"entitlement_value": "displayName~#~char",
"customproperty1": "createdDateTime~#~char",
"customproperty2": "renewedDateTime~#~char"
},
"pagination": {
"nextUrl": {
"nextUrlPath": "${response?.completeResponseMap?.next_page==null?null:response.completeResponseMap.next_page}"
}
},
"disableDeletedEntitlements": true
}
}
}
}
},
"acctEntParams": {}
}

 

Thanks

Amita Singh

2 REPLIES 2

adarshk
Saviynt Employee
Saviynt Employee

Please refer the Azure AD integration guide and follow the instructions to setup group import.

https://docs.saviyntcloud.com/bundle/AzureAD-v2021x/page/Content/Azure-AD-Integration-Overview.htm

rushikeshvartak
All-Star
All-Star

Any limitation for not using OOTB AzureAD  connector


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.