Bulk Remove Tags via Search Query in Workflow

sjoyee · April 30, 2024, 4:02am

Hi all.

In our use case, we would like to bulk remove tags from the identities with certain tag using the HTTP Request action with this API delete-tags-to-many-object | SailPoint Developer Community in the workflow.

I notice that when querying out the identities using search query filtering out only the identity ID, the return response is as follows, where the type value is in lower case.

[
      {
          "id": "1231111111111111111",
          "_type": "identity",
          "type": "identity",
          "_version": "v7"
      },
      {
          "id": "4561111111111111111",
          "_type": "identity",
          "type": "identity",
          "_version": "v7"
      },
      {
          "id": "7891111111111111111",
          "_type": "identity",
          "type": "identity",
          "_version": "v7"
      }
]

However, in the bulk remove API, the value for type is in upper case. "type":"IDENTITY" as follows, and will throw 500 Internal Server Error if lower case is used.

{
    "objectRefs": [
        {
            "id": "1231111111111111111",
            "type": "IDENTITY"
        },
        {
            "id": "4561111111111111111",
            "type": "IDENTITY"
        },
        {
            "id": "7891111111111111111",
            "type": "IDENTITY"
        }
    ],
    "tags": [
        "TEST_TAG"
    ]
}

Is there any suggested way in the workflow for us to directly place the return output of the queried identities in the payload for the bulk removal of tag API? Else we would need to consider using loop action and remove tag one by one for each queried identity.

Appreciate any input. Thanks!

sushantkulkarni · April 30, 2024, 2:11pm

@sjoyee I’ve observed the same thing when using the bulk remove tag API, and you’re right, it will throw the internal server error for the lowercase type.

Unless there is a change in the way the API response is returned, you’d have to process the response to convert the case, which can be really tricky on a workflow step. I’m trying to think of define variable step, but even that may not be able to pull it off is what it looks like to me.

I guess you can’t avoid looping and doing it once for every user, separately, as painful as that approach seems!

system · June 29, 2024, 2:11pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Workflow - Remove entitlements from sources with a specific tag ISC Discussion and Questions workflows	12	1146	October 24, 2023
Remove Tags from API for campaigns ISC Discussion and Questions apis , identity-security-cloud	3	228	July 12, 2023
Workflow data comparison ISC Discussion and Questions workflows , identity-security-cloud	8	111	November 17, 2024
POST /api/profile/bulkDelete Non-Public API Deprecations deprecated	0	393	March 2, 2023
How to parse and filter JSON String in Sailpoint Workflows? ISC Discussion and Questions workflows , identity-security-cloud	7	214	December 29, 2024

Bulk Remove Tags via Search Query in Workflow

Related topics