Not having much luck searching the docs as well as I have created a support ticket with no luck.
I am working on setting up a Web Service Source in IDN. It aggregates identities and entitlements. The IDENTITY has an attribute called “home” on the source:
home: /home/users/xyz (unique id of user on the platform)
the ENTITLEMENT also has an attribute on it called “home”
home: /home/groups/abc (unique id of the group on the platform) - in the entitlement mapping I have mapped it to an attribute named “entitlementHome” for better seperation.
entitlementHome is not the ID or group Name of the entitlement. There is not an issue with the aggregation at all
When you go to add the user to a group with the “Add Entitlement” operation, the URL looks like:
baseURL\entitlementHome.page.html?addMembers=$plan.email$
so it’d look like:
https://API.X.COM/home/groups/abc.page.html/addMembers=$plan.email$
The problem is getting ahold of the entitlementHome entitlement attribute to insert into the URL. It’s not part of the provisioning plan. If I do $plan.memberOf$ (using the group attribute on the identity) i just get the name of the group (db-abc) instead of the entitlementHome value.
How do I get that attribute to show up in the plan to reference it on the add entitlement operation? It obviously has to be injected into the provisioning plan, and I’ve been playing with adding it via an UPDATE provisioning policy but that is not working. Any help would be appreciated.