and more in a single search tool across platforms. Read the announcement here. |
on 04/23/2024 09:09 AM
The requirement is to trigger the birthright technical rule for existing users without using the detective job.
For an existing user, birthright technical rules can be invoked by either detective job or through re-run technical rules as an action in user update rules. Detective job may take more time and resources as it will scan the whole DB table and can impact performance, so it is recommended to be used only when needed. Alternative approach to trigger birthright rule is by using user update rule. The user update rule can be triggered by changing some custom property value on the users with trigger condition of update through UI or user is updated via import.
In this approach we will create the user update rule with a trigger condition -User is updated from import. We be updating the user’s custom property (customproperty25) with the help of user import job via SAV4SAV REST connection. It will trigger the user update rule and technical rules will re-run as a part of the user update rule action.
Saviynt4Saviynt REST connection is needed to be setup to achieve the use case. Please refer to the REST Connector guide to understand more about how to setup a REST Connection.
REST Connector developer's handbook: Developers Handbook (saviyntcloud.com)
This is applicable to all versions of EIC.
Below are the high-level steps to achieve this use case.
As a sample, we have a user with requirement of provisioning an account and access to the target system. The number of users can be anything. As an example, we are taking one user here.
There is a user with username TestUser_U1.
Technical Rule – Birthright+ Remove if birthright fails. (Detective Not selected)
User update rule
Trigger condition – Trigger when user is updated from import
Sav4Sav Connection
Create a Sav4Sav connection and use the importuser JSON like below.
ImportUserJSON
In this JSON, we are trying to update the value of customproperty25 with the value of location.
{
"connection": "userAuth",
"url": "https://XYZ.saviyntcloud.com/ECM/api/v5/getUser",
"httpMethod": "POST",
"httpHeaders": {
"Authorization": "${access_token}",
"contentType": "application/json"
},
"httpParams": "{\"userQuery\":\"username like 'TestUser_U1' \"}",
"httpContentType": "application/json",
"colsToPropsMap": {
"username": "username~#~char",
"locationdesc": "locationdesc~#~char",
"street": "street~#~char",
"city": "city~#~char",
"state": "state~#~char",
"country": "country~#~char",
"customproperty25": "location~#~char"
},
"userResponsePath": "userdetails",
"pagination": {
"offset": {
"offsetParam": "offset",
"batchParam": "max",
"batchSize": 10000,
"totalCountPath": "completeResponseMap.total"
}
}
}
Run the userimport job with connection as sav4sav and below checkboxes should be selected.
Run the userimportjob and wait till the Job shows success message.
We can see that the Custom property 25 is updated, and rules are triggered.
Corresponding new account and add access tasks are created as per the actions defined in birthright technical rule.
In this way, we are able to trigger the birthright technical rule for an existing user without making use of detective job.