Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Role list returned without ID nor in key-value pair form for ImportAccountEntJSON

Go to solution
fuko
New Contributor III
New Contributor III

‎01/08/2024 03:03 AM

Hello Saviynt Support team,

With these two provided endpoints from target applications where the former returns a list of users with their associated and the latter returns a list of roles.

EndpointSample result
https://xxx/rest/UserManagementAPI/AppUserBasedRoleList
{
  "ApplicationCode""Award_Roles",
  "UserRoleDetails": [
    {
      "UserId""bruce",
      "Role": [
        "Award_Director"
      ]
    },
    {
      "UserId""barney",
      "Role": [
        "Award_Staff"
      ]
    }
  ]
}
https://XXX/rest/UserManagementAPI/AppRoleList
{
  "ApplicationCode""Award_Roles",
  "RoleList": [
    "Award_PanelMember",
    "Award_Director",
    "Award_Admin",
    "Award_Staff"
  ]
}

 

According to Developers Handbook at https://docs.saviyntcloud.com/bundle/REST-v2022x/page/Content/Developers-Handbook.htm#top, I pick the processing type of acctToEntMapping for ImportAccountEntJSON as below.

 

 

 

{
  "accountParams": {
    "connection": "acctAuth",
    "processingType": "SequentialAndIterative",
    "statusAndThresholdConfig": {},
    "call": {
      "call1": {
        "callOrder": 0,
        "stageNumber": 0,
        "http": {
          "url": "https://xxx/rest/UserManagementAPI/AppUserBasedRoleList",
          "httpHeaders": {
            "appkey": "${API_KEY}",
            "Accept": "application/json"
          },
          "httpContentType": "application/json",
          "httpMethod": "GET"
        },
        "listField": "users",
        "keyField": "UserRoleDetails",
        "colsToPropsMap": {
          "accountID": "UserId~#~char"
        }
      }
    },
    "acctEntMappings": {
      "Role": {
        "listPath": "Role",
        "idPath": "",
        "keyField": "entitlementID"
      }
    }
  },
  "entitlementParams": {
    "connection": "acctAuth",
    "processingType": "SequentialAndIterative",
    "entTypes": {
      "Role": {
        "entTypeOrder": 1,
        "call": {
          "call1": {
            "callOrder": 0,
            "stageNumber": 0,
            "http": {
              "url": "https://XXX/rest/UserManagementAPI/AppRoleList",
              "httpHeaders": {
                "appkey": "${API_KEY}",
                "Accept": "application/json"
              },
              "httpContentType": "application/json",
              "httpMethod": "GET"
            },
            "listField": "RoleList",
            "keyField": "",
            "colsToPropsMap": {
                ???
            },
            "disableDeletedEntitlements": true
          }
        }
      }
    }
  },
  "acctEntParams": {
    "processingType": "acctToEntMapping"
  }
}

 

I don't know how the attributes mapping for the entitlement should happen in here (the colsToPropsMap of entitlementParams) since the results the role returned from endpoint as a list of role name without any ID or in form of key-value pair. Should the application need to update the API to have a key-value pair to fit the  ImportAccountEntJSON scenario? Please help me shed a light on it.

Labels:
0 Kudos
5 REPLIES 5

Go to solution
sudeshjaiswal
Saviynt Employee
Saviynt Employee

‎01/09/2024 11:30 PM - edited ‎01/10/2024 07:14 PM

Hello @fuko,

The application requires an update to the API, incorporating a key-value pair to accommodate the ImportAccountEntJSON scenario. This will enable the extraction of all entitlements. Currently, you may only utilize the first API to retrieve the accounts and their corresponding entitlements. It appears that your JSON mapping above is incorrect. Please refer to the relevant section of the developer handbook to rectify the mapping accordingly.

(https://docs.saviyntcloud.com/bundle/REST-v23x/page/Content/Developers-Handbook.htm)

Processing Types

  1. acctToEntMapping - Specify this value when acctEntMappings is defined in accountParams section. The other elements such as connection, http, listField, keyField, entKeyField, acctIdPath need not be added.


Thanks

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Go to solution
KhalidAkhterIGA
New Contributor II
New Contributor II

‎01/10/2024 12:16 PM

Hi @fuko 

I can see a few misconfigurations as of now in the above import JSON. Please refer to the updated JSON below and make changes accordingly and see if it works.

"accountParams": {
    "connection": "acctAuth",
    "processingType": "SequentialAndIterative",
    "statusAndThresholdConfig": {},
    "call": {
      "call1": {
        "callOrder": 0,
        "stageNumber": 0,
        "http": {
          "url": "https://xxx/rest/UserManagementAPI/AppUserBasedRoleList",
          "httpHeaders": {
            "appkey": "${API_KEY}",
            "Accept": "application/json"
          },
          "httpContentType": "application/json",
          "httpMethod": "GET"
        },
        "listField": "UserRoleDetails",
        "keyField": "accountID",
        "colsToPropsMap": {
          "accountID": "UserId~#~char"
        }
      }
    },
    "acctEntMappings": {
      "Role": {
        "listPath": "Role",
        "idPath": "",
        "keyField": "entitlementID"
      }
    }
  }

Go to solution
fuko
New Contributor III
New Contributor III

‎01/14/2024 03:28 PM - edited ‎01/14/2024 03:31 PM

Thanks all for your suggestion! The ImportAccountEntJSON  was indeed misconfigured and since I am able to mock and manipulate the response of the application, I play it around until finding out the correct format to accommodate the ImportAccountEntJSON scenario.

The endpoints are updated as below

 

 

 

EndpointSample Result
AppUserList
{
  "ApplicationCode""FBC_Control",
  "Users": [
    {
      "UserId""jesse_faden",
      "UserName""Jesse Faden",
      "Email""jesse.faden@fbc.com"
    },
    {
      "UserId""hellen_marshall",
      "UserName""Hellen Marshall",
      "Email""hellen.marshall@fbc.com"
    }
  ]
}
AppRoleList
{
  "ApplicationCode""FBC_Control",
  "RoleList": [
    {
      "name""FBC_Director"
    },
    {
      "name""FBC_Head_of_Operations"
    },
    {
      "name""FBC_Hiss_Possessed"
    }
  ]

}
AppUserRoleList
[
  {
    "ApplicationCode""FBC_Control",
    "UserID""jesse_faden",
    "RoleName""FBC_Director"
  },
  {
    "ApplicationCode""FBC_Control",
    "UserID""hellen_marshall",
    "RoleName""FBC_Head_of_Operations"
  },
  {
    "ApplicationCode""FBC_Control",
    "UserID""hellen_marshall",
    "RoleName""FBC_Hiss_Possessed"
  }
]

And this ImportAccountEntJSON works:

 

 

 

 

 

 

{
  "accountParams": {
      "connection": "acctAuth",
      "processingType": "SequentialAndIterative",
      "statusAndThresholdConfig": {},
      "call": {
        "call1": {
          "callOrder": 0,
          "stageNumber": 0,
          "http": {
            "url": "https://<domain>/rest/UserManagementAPI/AppUserList",
            "httpHeaders": {
              "x-api-key": "XXX",
              "Accept": "application/json"
            },
            "httpContentType": "application/json",
            "httpMethod": "GET"
          },
          "listField": "Users",
          "keyField": "accountID",
          "statusConfig": {
            "active": "true",
            "inactive": "false"
          },
          "colsToPropsMap": {
            "accountID": "UserId~#~char",
            "name": "Email~#~char",
            "displayName": "UserName~#~char"
          }
        }
      }
  },
  "entitlementParams": {
    "connection": "acctAuth",
    "processingType": "SequentialAndIterative",
    "entTypes": {
      "Role": {
        "entTypeOrder": 1,
        "call": {
          "call1": {
            "callOrder": 0,
            "stageNumber": 0,
            "disableDeletedEntitlements": true,
            "http": {
              "url": "https://<domain>/rest/UserManagementAPI/AppRoleList",
              "httpMethod": "GET",
              "httpContentType": "application/json",
              "httpHeaders": {
                "x-api-key": "XXX",
                "Accept": "application/json"
              }
            },
            "listField": "RoleList",
            "keyField": "entitlementID",
            "colsToPropsMap": {
              "entitlement_value": "name~#~char",
              "entitlementID": "name~#~char"
            }
          }
        }
      }
    }
  },
  "acctEntParams": {
    "entTypes": {
      "Role": {
        "call": {
          "call1": {
            "processingType": "http",
            "connection": "acctAuth",
            "callOrder": 0,
            "stageNumber": 0,
            "http": {
              "httpHeaders": {
                "x-api-key": "XXX",
                "Accept": "application/json"
              },
              "url": "https://<domain>/rest/UserManagementAPI/AppUserRoleList",
              "httpContentType": "application/json",
              "httpMethod": "GET"
            },
            "listField": "",
            "acctIdPath": "UserID",
            "entIdPath": "RoleName",
            "acctKeyField": "accountID",
            "entKeyField": "entitlementID"
          }
        }
      }
    }
  }
}

 

 

 

 

 

 

Go to solution
rushikeshvartak
All-Star
All-Star
In response to fuko

‎01/14/2024 05:19 PM

what was taregt product here 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

Go to solution
fuko
New Contributor III
New Contributor III
In response to rushikeshvartak

‎01/14/2024 10:19 PM

Hi @rushikeshvartak , the target application is the OutSystems platform and its built applications. The team there are able to expose API to manage users and roles.

0 Kudos
Copyright © 2024 Khoros, LLC