and more in a single search tool across platforms. Read the announcement here. |
01/08/2024 03:03 AM
Hello Saviynt Support team,
With these two provided endpoints from target applications where the former returns a list of users with their associated and the latter returns a list of roles.
Endpoint | Sample result |
https://xxx/rest/UserManagementAPI/AppUserBasedRoleList | { "ApplicationCode": "Award_Roles", "UserRoleDetails": [ { "UserId": "bruce", "Role": [ "Award_Director" ] }, { "UserId": "barney", "Role": [ "Award_Staff" ] } ] } |
https://XXX/rest/UserManagementAPI/AppRoleList | { "ApplicationCode": "Award_Roles", "RoleList": [ "Award_PanelMember", "Award_Director", "Award_Admin", "Award_Staff" ] } |
According to Developers Handbook at https://docs.saviyntcloud.com/bundle/REST-v2022x/page/Content/Developers-Handbook.htm#top, I pick the processing type of acctToEntMapping for ImportAccountEntJSON as below.
{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"statusAndThresholdConfig": {},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://xxx/rest/UserManagementAPI/AppUserBasedRoleList",
"httpHeaders": {
"appkey": "${API_KEY}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "users",
"keyField": "UserRoleDetails",
"colsToPropsMap": {
"accountID": "UserId~#~char"
}
}
},
"acctEntMappings": {
"Role": {
"listPath": "Role",
"idPath": "",
"keyField": "entitlementID"
}
}
},
"entitlementParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"entTypes": {
"Role": {
"entTypeOrder": 1,
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://XXX/rest/UserManagementAPI/AppRoleList",
"httpHeaders": {
"appkey": "${API_KEY}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "RoleList",
"keyField": "",
"colsToPropsMap": {
???
},
"disableDeletedEntitlements": true
}
}
}
}
},
"acctEntParams": {
"processingType": "acctToEntMapping"
}
}
I don't know how the attributes mapping for the entitlement should happen in here (the colsToPropsMap of entitlementParams) since the results the role returned from endpoint as a list of role name without any ID or in form of key-value pair. Should the application need to update the API to have a key-value pair to fit the ImportAccountEntJSON scenario? Please help me shed a light on it.
Solved! Go to Solution.
01/09/2024 11:30 PM - edited 01/10/2024 07:14 PM
Hello @fuko,
The application requires an update to the API, incorporating a key-value pair to accommodate the ImportAccountEntJSON scenario. This will enable the extraction of all entitlements. Currently, you may only utilize the first API to retrieve the accounts and their corresponding entitlements. It appears that your JSON mapping above is incorrect. Please refer to the relevant section of the developer handbook to rectify the mapping accordingly.
(https://docs.saviyntcloud.com/bundle/REST-v23x/page/Content/Developers-Handbook.htm)
Processing Types
acctToEntMapping - Specify this value when acctEntMappings is defined in accountParams section. The other elements such as connection, http, listField, keyField, entKeyField, acctIdPath need not be added.
Thanks
01/10/2024 12:16 PM
Hi @fuko
I can see a few misconfigurations as of now in the above import JSON. Please refer to the updated JSON below and make changes accordingly and see if it works.
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"statusAndThresholdConfig": {},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://xxx/rest/UserManagementAPI/AppUserBasedRoleList",
"httpHeaders": {
"appkey": "${API_KEY}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "UserRoleDetails",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "UserId~#~char"
}
}
},
"acctEntMappings": {
"Role": {
"listPath": "Role",
"idPath": "",
"keyField": "entitlementID"
}
}
}
01/14/2024 03:28 PM - edited 01/14/2024 03:31 PM
Thanks all for your suggestion! The ImportAccountEntJSON was indeed misconfigured and since I am able to mock and manipulate the response of the application, I play it around until finding out the correct format to accommodate the ImportAccountEntJSON scenario.
The endpoints are updated as below
Endpoint | Sample Result |
AppUserList | { |
AppRoleList | { |
AppUserRoleList | [ |
And this ImportAccountEntJSON works:
{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"statusAndThresholdConfig": {},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://<domain>/rest/UserManagementAPI/AppUserList",
"httpHeaders": {
"x-api-key": "XXX",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "Users",
"keyField": "accountID",
"statusConfig": {
"active": "true",
"inactive": "false"
},
"colsToPropsMap": {
"accountID": "UserId~#~char",
"name": "Email~#~char",
"displayName": "UserName~#~char"
}
}
}
},
"entitlementParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"entTypes": {
"Role": {
"entTypeOrder": 1,
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"disableDeletedEntitlements": true,
"http": {
"url": "https://<domain>/rest/UserManagementAPI/AppRoleList",
"httpMethod": "GET",
"httpContentType": "application/json",
"httpHeaders": {
"x-api-key": "XXX",
"Accept": "application/json"
}
},
"listField": "RoleList",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlement_value": "name~#~char",
"entitlementID": "name~#~char"
}
}
}
}
}
},
"acctEntParams": {
"entTypes": {
"Role": {
"call": {
"call1": {
"processingType": "http",
"connection": "acctAuth",
"callOrder": 0,
"stageNumber": 0,
"http": {
"httpHeaders": {
"x-api-key": "XXX",
"Accept": "application/json"
},
"url": "https://<domain>/rest/UserManagementAPI/AppUserRoleList",
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "",
"acctIdPath": "UserID",
"entIdPath": "RoleName",
"acctKeyField": "accountID",
"entKeyField": "entitlementID"
}
}
}
}
}
}
01/14/2024 05:19 PM
what was taregt product here
01/14/2024 10:19 PM
Hi @rushikeshvartak , the target application is the OutSystems platform and its built applications. The team there are able to expose API to manage users and roles.