Aggregating Entitlements from CSV File Based on Plan ID

sita_ram · November 10, 2024, 7:04pm

Hello Sailpoint community,

I’m trying to aggregate account and entitlement information from a single CSV file into my Sailpoint account schema. However, I’m running into an issue where I’m only getting unique values of Role, but not referencing to Plan ID.

Here’s a sample of my CSV file:

UserId, LastName, FirstName, Email ID, Plan ID, Attribute
Abc, Last, First, [email protected], A, TeamWorkspace
Abc, Last, First, [email protected], A, ViewData
Abc, Last, First, [email protected], A, Upload file
Abc, Last, First, [email protected], B, TeamWorkspace
Abc, Last, First, [email protected], B, ViewData
Abc, Last, First, [email protected], B, Upload file

My account schema looks like this: [attach screenshot]

I want to aggregate the entitlements (Roles) based on the Plan ID, so that I can properly assign the entitlements to an account. For example, for Plan ID A, I want to assign TeamWorkspace, ViewData, and Upload file entitlements to the account.

Can anyone help me with this? How can I achieve this in Sailpoint?

Expected Output:

For each account, I want to have a list of entitlements (Roles) that are specific to the Plan ID. For example:

Account: Abc. Last, First ([email protected])
- Plan ID A: TeamWorkspace, ViewData, Upload file
- Plan ID B: TeamWorkspace, ViewData, Upload file

Thank you for your help!

liamkokeeffe · November 11, 2024, 1:03am

Hi Sita,

I believe you will need to restructure how you are defining the entitlements. I do not think you can link two separate attributes together to define unique entitlements. Some options I can think of below:

Entitlement attributes per plan
- Your account schema would have an entitlement attribute per plan (PlanA Roles, PlanB Roles, etc). Then in your CSV you would specify TeamWorkspace, ViewData, etc under the appropriate plan attribute
One account entitlement attribute Plan - Role
- Your entitlements would be named like Plan A - TeamWorkspace, Plan B - TeamWorkspace
Create an entitlement grouping structure
- Plan A with all three roles is called a unique name vs Plan B with all three roles. Would need to create unique names for each combination

Thanks,

Liam

sagar_kamalakar · November 12, 2024, 5:32am

Hi Sita,

If I understand your requirement correctly you have configured Generic Flat File type connector? and as per the above sample csv. When you aggregate accounts your attribute field should populate three values as TeamWorkspace, ViewData, Upload file for plan id A. You don’t need a separate configuration to assign entitlements on the basis of plan ID if your csv file format is standard as above.

sk8er23 · November 19, 2024, 7:10pm

QQ: Is the current file format required to write-back to the application?

Topic		Replies	Views
Push User entitlements into IDN ISC Discussion and Questions apis , identity-security-cloud , entitlements	8	444	June 19, 2023
Aggregate Entitlement and Accounts from JDBC Source ISC Discussion and Questions aggregation , identity-security-cloud , provisioning , entitlements , jdbc-connector	17	1798	October 6, 2023
Entitlement Aggregation Issue with Group Aggregation HTTP Operation ISC Discussion and Questions webservice-connector , apis , identity-security-cloud	4	54	September 30, 2024
Provisioning using Web Service Connector and APIs: How to Add Entitlements with Individual API Calls ISC Discussion and Questions webservice-connector , identity-security-cloud , provisioning	5	68	October 17, 2024
Upload entitlement CSV for direct connector ISC Discussion and Questions aggregation , entitlements	2	490	July 19, 2023

Aggregating Entitlements from CSV File Based on Plan ID

Related topics