Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

REST - ImportAccountEntJSON Unable to Import Multiple Entitlement Types

mmomin-xalient
New Contributor II
New Contributor II

Hello,

I configured accountParams with intent to import the account and create entitlements and association with the account. However, I am running into two issues:

1. It is successfully completing but only creating entitlements for Security Role. However, CP31 is getting updated with entids but it is not mapping the account to entitlement. 

2. Team ent type is getting created on Endpoint but it is not creating any entitlements in Saviynt. 

I am not sure what is going wrong. 

ImportAccountEntJSON:

{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"successResponses": {
"statusCode": [
200,
201,
202,
203,
204,
205
]
},
"statusAndThresholdConfig": {
"deleteLinks": true,
"accountThresholdValue": 1000,
"correlateInactiveAccounts": true,
"inactivateAccountsNotInFile": false,
"deleteAccEntForActiveAccounts": true
},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "http://XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:8080/saviynt-dev/api/UserManagement/GetActiveUsers",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "value",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "systemuserid~#~char",
"name": "#CONST#${String acctName = response.domainname; acctName = acctName.split('\\\\\\\\')[1]; return acctName}~#~char",
"customproperty1": "fullname~#~char",
"customproperty2": "firstname~#~char",
"customproperty3": "lastname~#~char",
"customproperty4": "internalemailaddress~#~char"
},
"disableDeletedAccounts": true
},
"call2": {
"callOrder": 1,
"stageNumber": 3,
"http": {
"url": "http://XXXXXXXXXXXXXXXXXXXXXXXXXXX:8080/saviynt-dev/api/UserManagement/GetUser",
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/x-www-form-urlencoded"
},
"httpContentType": "application/x-www-form-urlencoded",
"httpMethod": "GETWITHBODY",
"httpParams": "{\"UserId\":\"${accountName}\"}"
},
"inputParams": {
"dependentCall": true
},
"listField": "",
"keyField": "accountID",
"nextApiKeyField": "accountID",
"colsToPropsMap": {
"accountID": "systemuserid~#~char",
"customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"
}
}
},
"acctEntMappings": {
"Security Role": {
"importAsEntitlement": true,
"listPath": "systemuserroles_association",
"idPath": "roleid",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlement_value": "roleid~#~char",
"entitlementID": "roleid~#~char",
"displayname": "name~#~char"
}
},
"Team": {
"importAsEntitlement": true,
"listPath": "teammembership_association",
"idPath": "roleid",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlement_value": "roleid~#~char",
"entitlementID": "roleid~#~char",
"displayname": "name~#~char"
}
}
}
},
"acctEntParams": {
"processingType": "acctToEntMapping"
}
}

 

call1 API response:

{
    "value": [
        {
            "firstname": "Aisha",
            "lastname": "XX",
            "fullname": "Aisha XX",
            "systemuserid": "3f4c9923-b8a0-ed11-a87d-00505684cdbc",
            "domainname": "DOMAIN\\30094374",
            "internalemailaddress": "Aisha.XX@DOMAIN.com"
        },
        {
            "firstname": "Karisa",
            "lastname": "XX",
            "fullname": "Karisa XX",
            "systemuserid": "55d2c315-baa0-ed11-a87d-00505684cdbc",
            "domainname": "DOMAIN\\30088776",
            "internalemailaddress": "Karisa.XXX@DOMAIN.com"
        }
]
}

call2 API response:

{
    "firstname": "Karisa",
    "lastname": "XX",
    "fullname": "Karisa XX",
    "systemuserid": "f6736842-d8a0-ed11-a87d-00505684cdbc",
    "domainname": "DOMAIN\\30088776",
    "internalemailaddress": "Karisa.XXX@DOMAIN.com",
    "systemuserroles_association": [
        {
            "roleid": "e5ce7a0c-9f96-e211-8c76-002219521014",
            "name": "Back-Up Contact Center Base"
        },
        {
            "roleid": "b94d696e-4fb9-ea11-a85f-005056840741",
            "name": "Backup Care SPOG"
        },
        {
            "roleid": "25755b6f-7296-ea11-a83a-00505684790b",
            "name": "Consultant Article Viewer"
        },
        {
            "roleid": "6b564317-36e3-e111-8aef-0050568b60d0",
            "name": "System Administrator"
        }
    ],
    "teammembership_association": [
        {
            "teamid": "417f438b-d5a8-e211-b806-002219521014",
            "name": "Back-Up Contact Center Team"
        }
    ]
}

[This post has been edited by a Moderator to remove sensitive information.]

4 REPLIES 4

NM
Valued Contributor
Valued Contributor

Try the highlighted change once..

},

"inputParams": {

"dependentCall": true

},

"listField": "",

"keyField": "accountID",

"nextApiKeyField": "accountID",

"colsToPropsMap": {

"accountID": "systemuserid~#~char",

"customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"

}

}

},

"acctEntMappings": {

"Security Role": {

"importAsEntitlement": true,

"listPath": "systemuserroles_association",

"idPath": "roleid",

"keyField": "entitlementID",

"colsToPropsMap": {

"entitlement_value": "roleid~#~char",

"entitlementID": "roleid~#~char",

"displayname": "name~#~char"

}

},

"Team": {

"importAsEntitlement": true,

"listPath": "teammembership_association",

"idPath": "roleid",

"keyField": "entitlementID",

"colsToPropsMap": {

"entitlement_value": "teamid~#~char",

"entitlementID": "teamid~#~char",

"displayname": "name~#~char"

}

}

}

},

"acctEntParams": {

"processingType": "acctToEntMapping"

}

}

mmomin-xalient
New Contributor II
New Contributor II

Hello,

Thank you for pointing that out. I was completely overlooking the teamid in that array and thinking it was roldid. Now Team entitlement Type and entitlement associated with that type are created. However, still not able to map the account and Entitlement. Now the CP31 has about Team and Security Role but still not able to map it. Here is one of the account's CP31 value.

{"Security Role":{"entIds":["bcd25023-a796-e211-8c76-002219521014","9c1a3309-c596-e211-8c76-002219521014","de9cd1e8-670a-e311-9d31-002219521014","f0e9d490-c62f-e311-b55e-002219521014","8d356f73-b25b-e211-bb38-002219521014","859cb5a2-f587-e511-aea5-00505684371f","76e43af0-f587-e511-aea5-00505684371f","61646485-0acd-e111-9401-0050568b1373","7ac89859-7245-e211-a69d-0050568b783d","c93676b5-7445-e211-a69d-0050568b783d","25684d85-7645-e211-a69d-0050568b783d","98070346-5684-e311-ae91-005056991899"],"keyField":"entitlementID"}}

Here is the updated JSON.

JSON:
{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"successResponses": {
"statusCode": [
200,
201,
202,
203,
204,
205
]
},
"statusAndThresholdConfig": {
"deleteLinks": true,
"accountThresholdValue": 1000,
"correlateInactiveAccounts": true,
"inactivateAccountsNotInFile": false,
"deleteAccEntForActiveAccounts": true
},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "http://xxxxxxxxxxxxxxxxxxxx:8080/saviynt-dev/api/UserManagement/GetActiveUsers",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "value",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "systemuserid~#~char",
"name": "#CONST#${String acctName = response.domainname; acctName = acctName.split('\\\\\\\\')[1]; return acctName}~#~char",
"customproperty1": "fullname~#~char",
"customproperty2": "firstname~#~char",
"customproperty3": "lastname~#~char",
"customproperty4": "internalemailaddress~#~char"
},
"disableDeletedAccounts": true
},
"call2": {
"callOrder": 1,
"stageNumber": 3,
"http": {
"url": "http://xxxxxxxxxxxxxxxxxxxxxxxxxxxx:8080/saviynt-dev/api/UserManagement/GetUser",
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/x-www-form-urlencoded"
},
"httpContentType": "application/x-www-form-urlencoded",
"httpMethod": "GETWITHBODY",
"httpParams": "{\"UserId\":\"${accountName}\"}"
},
"inputParams": {
"dependentCall": true
},
"listField": "",
"keyField": "accountID",
"nextApiKeyField": "accountID",
"colsToPropsMap": {
"accountID": "systemuserid~#~char",
"customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"
}
}
},
"acctEntMappings": {
"Security Role": {
"importAsEntitlement": true,
"listPath": "systemuserroles_association",
"idPath": "roleid",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlement_value": "roleid~#~char",
"entitlementID": "roleid~#~char",
"displayname": "name~#~char"
}
},
"Team": {
"importAsEntitlement": true,
"listPath": "teammembership_association",
"idPath": "teamid",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlement_value": "teamid~#~char",
"entitlementID": "teamid~#~char",
"displayname": "name~#~char"
}
}
}
},
"acctEntParams": {
"processingType": "acctToEntMapping"
}
}

mmomin-xalient
New Contributor II
New Contributor II

I got it working. Seems entitlementParams was mandatory for this to be working. Here is my updated JSON, Ran the account import first then ran the access import and it worked like a charm.

JSON:
{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"successResponses": {
"statusCode": [
200,
201,
202,
203,
204,
205
]
},
"statusAndThresholdConfig": {
"deleteLinks": true,
"accountThresholdValue": 1000,
"correlateInactiveAccounts": true,
"inactivateAccountsNotInFile": false,
"deleteAccEntForActiveAccounts": true
},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "http://xxxxxxxxxxxxxxxxxxxxxx:8080/saviynt-dev/api/UserManagement/GetActiveUsers",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "value",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "systemuserid~#~char",
"name": "#CONST#${String acctName = response.domainname; acctName = acctName.split('\\\\\\\\')[1]; return acctName}~#~char",
"displayname": "fullname~#~char",
"comments": "domainname~#~char",
"customproperty1": "firstname~#~char",
"customproperty2": "lastname~#~char",
"customproperty3": "internalemailaddress~#~char"
},
"disableDeletedAccounts": true
},
"call2": {
"callOrder": 1,
"stageNumber": 3,
"http": {
"url": "http://xxxxxxxxxxxxxxxxxxxxxxxxxx:8080/saviynt-dev/api/UserManagement/GetUser",
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/x-www-form-urlencoded"
},
"httpContentType": "application/x-www-form-urlencoded",
"httpMethod": "GETWITHBODY",
"httpParams": "{\"UserId\":\"${accountName}\"}"
},
"inputParams": {
"dependentCall": true
},
"listField": "",
"keyField": "accountID",
"nextApiKeyField": "accountID",
"colsToPropsMap": {
"accountID": "systemuserid~#~char",
"customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"
}
}
},
"acctEntMappings": {
"Security Role": {
"importAsEntitlement": true,
"listPath": "systemuserroles_association",
"idPath": "roleid",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlement_value": "roleid~#~char",
"entitlementID": "roleid~#~char",
"displayname": "name~#~char"
}
},
"Team": {
"importAsEntitlement": true,
"listPath": "teammembership_association",
"idPath": "teamid",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlement_value": "teamid~#~char",
"entitlementID": "teamid~#~char",
"displayname": "name~#~char"
}
}
}
},
"entitlementParams": {
"connection": "userAuth",
"processingType": "SequentialAndIterative",
"entTypes": {
"Security Role": {},
"Team": {}
}
},
"acctEntParams": {
"processingType": "acctToEntMapping"
}
}

If you don’t have entitlement mapping separate api then also entitlementParams block is mandatory .

👍Please click the 'Accept As Solution' button on the reply (or replies) that best answered your original question.


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.