I have created a web service saas connector in SailPoint ISC and configured few JML operations.
The catch is, My target Application supports only Async REST APIs.
For example, Create Account Operation triggers the Rest API which responds with 2xx and jobId.
Now, the task is getting completed successfully in SailPoint but if the Create operation failed in Target application that it creates a data discrepancy in SailPoint and Target Application. Account that we tried creating is visible in the webservice source.
What is the best way to handle the Async APIs. How can respond back to SailPoint that the task has been failed and SailPoint removes it from the Accounts table as well.?
Probably use a web services after operation rule to parse the response for the original call, grab the jobid, and then perform a check on the jobid status until you get back that it’s complete with either success or a failure. If there is a failure detected in the async job result, throw an exception from the after rule with the response of the job result or some other custom message that indicates the job has failed, this way SailPoint will not assume the provisioning is complete.
How long does the async job typically take to run? The only concern with this approach is the connector timing out due to a prolonged check of the async job in the rule.
How long does the async job typically take to run? The only concern with this approach is the connector timing out due to a prolonged check of the async job in the rule.
It can typically takes 5 mins to 20-30 mins, depending on the load on the system. What could the default time out? Can we increase the timeout to very big number?
Also, to add the polling logic in AfterOperation Rule, i need to add the loop with some Thread.Sleep(). When i tried that via API, it throws an error: Illegal value \"[{\"line\":19,\"column\":13,\"message\":\"Remove reference to Thread\"}
Am i missing anything here? Is there any other way to achieve this?
You could increase the general timeout on the web services sources, but 20 minutes is a long time. If you leave it as it, you want to make sure your account aggregation has the Enable Account Deletion option enabled so even if it thinks it created the account successfully initially, the next aggregation would delete it on the SailPoint side since the account really does not exist.
Thanks for the quick reply. I will definitely try it out.
On a second note, SailPoint does provide a task update API but i could not find a way to forward the TaskId to my API server so that if the task is failed i can update the task status to Failed.
To do a POC, I call the Disable account operation via API only to get the taskId and later marked the status of that task to FAILED but that account remains disable in the SailPoint source. Also the event shows as successful.
Is this a way i can achieve the async task handling? Am I missing anything here?
Is there a way to view all tasks on SailPoint?