Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SharePoint - Account and Entitlement Import with REST connector

hshekhar
New Contributor II
New Contributor II

‎07/14/2024 10:15 PM - edited ‎07/14/2024 10:16 PM

Hi team, 
 
Has anyone imported Microsoft SharePoint's sites and groups data to Saviynt using REST connector?
 
As Saviynt suggested to integrate SharePoint with only REST connector and use REST connector for both import and provisioning.
We see straight forward API for provisioning but to import SharePoint sites and group membership, it seems tricky. 
 
Following are the steps and call to get site groups and users: 
 
1.   First, we need to import all sites 
 
method: GET
 
2.   Import all groups of each site (i.e. hit different url for each site)
 
url: https://tenant.sharepoint.com/sites/{one site}/_api/web/sitegroups
method: GET
 
3.   Import all users of each group of each site (i.e. hit different url for each group id)
 
url: https://tenant.sharepoint.com/sites/{one site}/_api/Web/SiteGroups({one group id})/users
method: GET
 
 
How to prepare Account Entitlement Import JSON based on above information?
 
Labels:
0 Kudos
7 REPLIES 7

sudeshjaiswal
Saviynt Employee
Saviynt Employee

‎07/15/2024 11:09 PM

Hello @hshekhar,

Please refer the below post,
https://forums.saviynt.com/t5/identity-governance/o365-connector-details/m-p/64766#M40291 
https://forums.saviynt.com/t5/identity-governance/how-to-retrieve-tenant-id-for-sharepoint-for-offic... 

Thanks

If you find the above response useful, Kindly Mark it as "Accept As Solution".
0 Kudos

hshekhar
New Contributor II
New Contributor II

‎07/16/2024 04:23 AM - edited ‎07/16/2024 04:23 AM

Hi @sudeshjaiswal ,

 

I do not see anywhere how to import SharePoint site, site groups and user via REST. 

 

0 Kudos

sudeshjaiswal
Saviynt Employee
Saviynt Employee
In response to hshekhar

‎07/23/2024 11:51 PM - edited ‎07/23/2024 11:51 PM

Hello @hshekhar,

As i havent seen any customer using rest to import SharePoint site, site groups and user.
But you may try by refering this document and our saviynt rest connector guide to build the connector.

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".
0 Kudos

hshekhar
New Contributor II
New Contributor II

‎07/24/2024 10:25 AM

Hi @sudeshjaiswal ,

The problem is that how can we formulate the AccEntImportJSON based on below information:

 
1.   First, we need to import all sites 
method: GET
 
2.   Import all groups of each site (i.e. hit different url for each site)
url: https://tenant.sharepoint.com/sites/{one site}/_api/web/sitegroups
method: GET
 
3.   Import all users of each group of each site (i.e. hit different url for each group id)
url: https://tenant.sharepoint.com/sites/{one site}/_api/Web/SiteGroups({one group id})/users
method: GET

Since we need to run API call inside another API call in loop and there will be two loops. Also, we need to pass one API's call result data value to another API's url.  Not sure if it is possible with Saviynt REST connector.

0 Kudos

sudeshjaiswal
Saviynt Employee
Saviynt Employee
In response to hshekhar

‎07/25/2024 01:12 AM - edited ‎07/25/2024 01:14 AM

Hello @hshekhar,

Yes this should be possible to achieve via saviynt rest connector, Please find one sample below

 

{
	"accountParams": {
		"connection": "acctAuth",
		"processingType": "SequentialAndIterative",
		"call": {
			"call1": {
				"callOrder": 0,
				"stageNumber": 0,
				"listField": "data.accounts",
				"keyField": "accountID",
				"disableDeletedAccounts": true,
				"http": {
					"url": "https://azure.cloud/sharepoint/account/recon",
					"httpMethod": "POST",
					"httpContentType": "application/json",
					"httpHeaders": {
						"Authorization": "${access_token}"
					}
				},
				"colsToPropsMap": {
					"accountID": "accountID~#~char",
					"accounttype": "accounttype~#~char",
					"displayname": "displayName~#~char",
					"name": "name~#~char",
					"status": "status~#~bool"
				},
				"statusConfig": {
					"active": "true",
					"inactive": "false"
				}
			}
		}
	},
	"entitlementParams": {
		"processingType": "SequentialAndIterative",
		"entTypes": {
            "Group": {
				"entTypeOrder": 0,
				"call": {
					"call1": {
						"callOrder": 0,
						"stageNumber": 0,
						"connection": "acctAuth",
						"listField": "data.entitlements",
						"keyField": "entitlementID",
						"disableDeletedEntitlements": true,
						"http": {
							"url": "https://azure.cloud/sharepoint/entitlement/recon/groups",
							"httpMethod": "POST",
							"httpContentType": "application/json",
							"httpHeaders": {
								"Authorization": "${access_token}"
							}
						},
						"colsToPropsMap": {
							"CustomProperty1": "customproperty1~#~char",
							"CustomProperty2": "customproperty2~#~char",
							"CustomProperty3": "customproperty3~#~char",
							"CustomProperty19": "customproperty19~#~char",
							"CustomProperty20": "customproperty20~#~char",
							"CustomProperty21": "customproperty21~#~char",
							"CustomProperty22": "customproperty22~#~char",
							"CustomProperty23": "customproperty23~#~char",
							"CustomProperty24": "customproperty24~#~char",
							"CustomProperty39": "customproperty39~#~char",
							"CustomProperty40": "customproperty40~#~char",
							"description": "description~#~char",
							"displayname": "displayname~#~char",
							"entitlementID": "entitlementID~#~char",
							"entitlement_value": "entitlement_value~#~char",
							"privileged": "privileged~#~char",
							"status": "status~#~char"
						}
					}
				}
			}
		}
	},
	"acctEntParams": {
		"entTypes": {
			"Group": {
				"call": {
					"call1": {
						"connection": "acctAuth",
						"processingType": "http",
						"callOrder": 0,
						"stageNumber": 0,
						"http": {
							"httpHeaders": {
								"Authorization": "${access_token}",
								"Accept": "application/json",
								"Content-Type": "application/json"
							},
							"url": "https://azure.cloud/sharepoint/access/recon/groups",
							"httpContentType": "application/json",
							"httpMethod": "POST"
						},
						"listField": "data.access",
						"acctIdPath": "accountID",
						"entIdPath": "entitlementID"
					}
				}
			}
		}
	}
}

 


Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".
0 Kudos

hshekhar
New Contributor II
New Contributor II

‎07/25/2024 03:05 AM

Hi @sudeshjaiswal ,

 

Can you please explain which call is inside another call's loop and iterating?

Please consider below pointers here:

 
URL
Method
Output
1
GET
siteA
siteB
siteC
2
https://tenant.sharepoint.com/sites/{one site}/_api/web/sitegroups
GET
siteAgroup1
siteAgroup2
siteAgroup3
3
https://tenant.sharepoint.com/sites/{one
site}/_api/Web/SiteGroups({one group id})/users
GET
siteAgroup1user1
siteAgroup1user2
siteAgroup1user3
 
 
  1. As we can see above, the user-group information can be retrieved in 3rd call.
  2. The 3rd call requires group id and site which we can get in 2nd call and it should be iterated in a loop of call 2.
  3. Similarly, the 2nd call will be made for each site we get from call 1. It needs to be iterated in a loop of call 1. 
0 Kudos

sudeshjaiswal
Saviynt Employee
Saviynt Employee
In response to hshekhar

‎08/16/2024 02:07 AM

Hello @hshekhar,

Currently, you wont be able to achieve the above use case using the rest connector.

Thanks,

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".
0 Kudos
Copyright © 2024 Khoros, LLC