Attribute Generator Rule - Unique ID Creation

AnjanaAK · March 19, 2025, 8:03pm

Hi All,
I am trying to build an attribute generator rule to populate value for an attribute called Abbrev during provisioning. I validated the below code and it does not check for unique values and creates the same value for all the identities with the same name.

Example:
Doe, John
This code generates Doe, J for all the users with same name failing to check the uniqueness instead of following the logic in the code, I have used “attrSearchCountAccounts” to check the uniqueness.
Kindly let me know if there is any issue with the code.

Thanks All.

import java.util.ArrayList;
import java.util.List;
import java.util.Arrays;
import org.apache.commons.lang.StringUtils;
import sailpoint.object.Application;
import sailpoint.object.Identity;
import sailpoint.server.IdnRuleUtil;
import sailpoint.tools.GeneralException;
import sailpoint.tools.Util;
import sailpoint.rule.*;

List sourceIDList = new ArrayList(Arrays.asList(new String[]{"....."}));
String abbrev="";

String firstName = StringUtils.trimToNull(identity.getAttribute("firstname"));
String lastName = StringUtils.trimToNull (identity.getAttribute("lastname"));
String middleName = StringUtils.trimToNull (identity.getAttribute ("midddleName"));
String firstchar = StringUtils.substring(firstName, 0, 1);
String middlechar = StringUtils.substring(middleName, 0, 1);
public boolean isUnique(String abbrev){
	String operation = "Equals";
	boolean isUnique = false;
	List searchValues = new ArrayList(Arrays.asList (new String[] {abbrev}));
	if(idn.attrSearchCountAccounts(sourceIDList, "allAbbrev", operation, searchValues) == 0) {
		isUnique = true;
	}else{
		isUnique = false;
	}
	return isUnique;
}

public String createUniqueID(String abbrev) throws Exception{
	long uniqueCounter = 1;
	String tempAbbrev = abbrev + new String(uniqueCounter);
	while(!isUnique(tempAbbrev) && uniqueCounter < 20){
		uniqueCounter++;
		tempAbbrev = abbrev + new String(uniqueCounter);
	}
	if(uniqueCounter >= 20){
		throw new Exception("Unique Name counter exceeds max limit");
	}
	
	return tempAbbrev;
}
if(firstName == null || "".equals(firstName) || lastName == null || "".equals(lastName)){
	throw new Exception("First Name or Last Name is null or empty");
}else{
	abbrev = lastName + ", " + firstchar;
	if(!isUnique(abbrev)){
		abbrev = lastName + ", " + firstName;
		if(!isUnique(abbrev)){
			if(middleName == null || "".equals(middleName)){
				throw new Exception("Middle Name is null or empty");
			}else{
				abbrev = lastName + ", " + firstName + ", " + middlechar;
				if(!isUnique(abbrev)){
					abbrev = lastName + ", " + firstName + ", " + middleName;
					if(!isUnique(abbrev)){
						abbrev = createUniqueID(abbrev);
					}
				}
			}
		}
		return abbrev;
	}else{
		return abbrev;
	}
}

KRM7 · March 19, 2025, 10:26pm

Before checking the Rule, did you consider Generators for your requirement

JackSparrow · March 20, 2025, 4:42am

Hi @AnjanaAK ,

I do see you have sourceIDList, but not adding any sourceIDs to it and you are using it in “isUnique” method. Thus, this method is not returning anything and failing to check uniqueness

List sourceIDList = new ArrayList(Arrays.asList(new String[]{"....."}))

if(idn.attrSearchCountAccounts(sourceIDList, "allAbbrev", operation, searchValues) == 0)

You can get the sourceID using String sourceID = application.getID(); and then add it to the sourceIDList using sourceIDList.add(sourceID);

AnjanaAK · March 20, 2025, 1:14pm

Hi,
I did, but we need to implement multiple “IF ELSE” conditions so I thought rule must the way to go about it.
Example:
(First name + ", " + Last name’s first letter)
If not unique
(First name + ", " + Last name)
If not unique
(First name + ", " + Last name + ", " + Middle name’s first letter)
If not unique
(First name + ", " + Last name + ", " + Middle name)
If not unique
(First name + ", " + Last name + ", " + Middle name + counter

So I am trying to write a rule for the above conditions

AnjanaAK · March 20, 2025, 1:18pm

Hi,
I removed the source ID while posting the code in the community. But while deploying the code it was sent along with the source ID

KRM7 · March 20, 2025, 1:25pm

You should check this Username Generator Transform

JackSparrow · March 20, 2025, 1:41pm

Then I would suggest printing the count value to see if it’s actually give the output

int count = idn.attrSearchCountAccounts(sourceIDList, "allAbbrev", operation, searchValues)
System.out.println("count: " + count);

AnjanaAK · March 20, 2025, 3:41pm

I checked this, but it is mentioned that this transform can be used only for attributes that are marked as AccountID in the account schema

AnjanaAK · March 20, 2025, 3:42pm

It is a cloud rule, is there any way this could be checked. I tired using rule validator and Rule Development Kit none of which checks sailpoint functionalities.

JackSparrow · March 20, 2025, 4:23pm

Nope, we need to raise support case to get the logs.

RAKRHEEM · March 24, 2025, 11:20am

Hi Anjana,
Please have the configuration like this in the Provisioning Policy.
{
“name”: “accountAttribute”,
“transform”: {
“type”: “rule”,
“attributes”: {
“name”: “Your Rule Name”
}
},
“attributes”: {
“sourceCheck”: true
},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
}