Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Rest - Multiple Entitlement Type Import and Association With Accounts

SJ_544
New Contributor III
New Contributor III

Hi Team,

We are trying to import the accounts and associated entitlements using REST Connector. We were able to do for one entitlement type but not for the others. As we are having two separate calls for Entitlement Type 1 and Entitlement Type 2 and we don't have any API stores both in one and also there is no API for roles and groups list.

Problem: If user has both roles and groups. It is just associating only groups, but not roles. 

Call 1 Response:
---------------------
"Mappings": [
{
"uniquename": "abcd@gmail.com",
"firstname": "ABCD",
"lastname": "ABCD",
"email": "abcd@gmail.com",
"group": [
{
"groupname": "GRP1"
},
{
"groupname": "GP2"
}
]
}


Call 2 Response
---------------------
{
"userlogin": "abcd@gmail.com",
"firstname": "ABCD",
"lastname": "ABCD",
"email": "abcd@gmail.com",
"roles": [
{
"rolename": "User"
}
]
}

JSON I am trying
{
"accountParams": {
"connection": "userAuth1",
"processingType": "SequentialAndIterative",
"successResponses": {
"statusCode": [
200,
201,
202,
203,
204,
205
]
},
"statusAndThresholdConfig": {
"deleteLinks": true,
"accountThresholdValue": 1000,
"correlateInactiveAccounts": true,
"inactivateAccountsNotInFile": false,
"deleteAccEntForActiveAccounts": true
},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://domain1",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "Mappings",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "uniquename~#~char",
"name": "uniquename~#~char",
"customproperty1": "firstname~#~char",
"customproperty2": "lastname~#~char",
"customproperty3": "email~#~char",
"customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"
},
"disableDeletedAccounts": true
},
"call2": {
"callOrder": 1,
"stageNumber": 1,
"http": {
"url": "https://domain2",
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"inputParams": {
"dependentCall": true
},
"listField": "Mappings",
"keyField": "accountID",
"nextApiKeyField": "accountID",
"colsToPropsMap": {
"accountID": "uniquename~#~char",
"name": "uniquename~#~char",
"customproperty1": "firstname~#~char",
"customproperty2": "lastname~#~char",
"customproperty3": "email~#~char",
"customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"
}
}
},
"acctEntMappings": {
"roles": {
"importAsEntitlement": true,
"listPath": "roles",
"idPath": "rolename",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlement_value": "rolename~#~char",
"entitlementID": "rolename~#~char",
"displayname": "name~#~char"
}
},
"group": {
"importAsEntitlement": true,
"listPath": "group",
"idPath": "groupname",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlement_value": "groupname~#~char",
"entitlementID": "groupname~#~char"
}
}
}
},
"entitlementParams": {
"connection": "userAuth1",
"processingType": "SequentialAndIterative",
"entTypes": {
"roles": {},
"group": {}
}
},
"acctEntParams": {
"processingType": "acctToEntMapping"
}
}

Any leads will be appreciated. 
 Thanks in advance.


3 REPLIES 3

rushikeshvartak
All-Star
All-Star
{
  "accountParams": {
    "connection": "userAuth1",
    "processingType": "SequentialAndIterative",
    "successResponses": {
      "statusCode": [200, 201, 202, 203, 204, 205]
    },
    "statusAndThresholdConfig": {
      "deleteLinks": true,
      "accountThresholdValue": 1000,
      "correlateInactiveAccounts": true,
      "inactivateAccountsNotInFile": false,
      "deleteAccEntForActiveAccounts": true
    },
    "call": {
      "call1": {
        "callOrder": 0,
        "stageNumber": 0,
        "http": {
          "url": "https://domain1",
          "httpHeaders": {
            "Authorization": "${access_token}",
            "Accept": "application/json"
          },
          "httpContentType": "application/json",
          "httpMethod": "GET"
        },
        "listField": "Mappings",
        "keyField": "accountID",
        "colsToPropsMap": {
          "accountID": "uniquename~#~char",
          "name": "uniquename~#~char",
          "customproperty1": "firstname~#~char",
          "customproperty2": "lastname~#~char",
          "customproperty3": "email~#~char",
          "customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"
        },
        "disableDeletedAccounts": true
      },
      "call2": {
        "callOrder": 1,
        "stageNumber": 1,
        "http": {
          "url": "https://domain2",
          "httpHeaders": {
            "Authorization": "${access_token}",
            "Content-Type": "application/json"
          },
          "httpContentType": "application/json",
          "httpMethod": "GET"
        },
        "inputParams": {
          "dependentCall": true
        },
        "listField": "Mappings",
        "keyField": "accountID",
        "nextApiKeyField": "accountID",
        "colsToPropsMap": {
          "accountID": "uniquename~#~char",
          "name": "uniquename~#~char",
          "customproperty1": "firstname~#~char",
          "customproperty2": "lastname~#~char",
          "customproperty3": "email~#~char",
          "customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"
        }
      }
    },
    "acctEntMappings": {
      "roles": {
        "importAsEntitlement": true,
        "listPath": "roles",
        "idPath": "rolename",
        "keyField": "entitlementID",
        "colsToPropsMap": {
          "entitlement_value": "rolename~#~char",
          "entitlementID": "rolename~#~char",
          "displayname": "rolename~#~char"
        }
      },
      "group": {
        "importAsEntitlement": true,
        "listPath": "group",
        "idPath": "groupname",
        "keyField": "entitlementID",
        "colsToPropsMap": {
          "entitlement_value": "groupname~#~char",
          "entitlementID": "groupname~#~char"
        }
      }
    }
  },
  "entitlementParams": {
    "connection": "userAuth1",
    "processingType": "SequentialAndIterative",
    "entTypes": {
      "roles": {},
      "group": {}
    }
  },
  "acctEntParams": {
    "processingType": "acctToEntMapping"
  }
}

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

@rushikeshvartak  - Thanks for the quick response. Tried this few minutes back and it's overriding with next call, if user has both roles and groups. roles is replaced with groups.

example: 
{"group":{"entIds":["GRP1","GP2"],"keyField":"entitlementID"}}

I am expecting if both roles and groups stores something like below issue will be resolved.
{"roles":{"entIds":["Role1"],"keyField":"entitlementID", "group":{"entIds":["GRP1","GP2"],"keyField":"entitlementID"}}}

Any leads will be helpful.

 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.