Can We Change the Response Code Using After Operations Rule

jespaancy · June 3, 2024, 7:16am

Which IIQ version are you inquiring about?

Version 8.3

Share all details related to your problem, including any error messages you may have received.

Grant Role API for one of our applications always returns 200 response code but the response body has a parameter (IsSuccess=true/false) using which we can identify whether it actually the role to the user on end system or not.

SailPoint will always commit the status as response returned is 200. Is there a way to fail the access request by reading the response in this case if provisioning on end system got failed?

I have followed answer given in https://community.sailpoint.com/t5/IdentityIQ-Forum/Webservices-Connector-Can-We-Change-the-Response-Code-Using/m-p/197044.

true

I have added above lines in my app.xml file and handled exception in webserviceafteropsrule. rule is returning Process response ex: sailpoint.tools.GeneralException: operation has failed based on the response value(issucces=false) but I did not see any error on the UI and can see status committed only. Please advise what to do.

ashutosh08 · June 3, 2024, 7:18am

Hi @jespaancy,

Welcome back to SailPoint developer community.

Could you please share the snippet that you are using so that accordingly we can help.

Thanks

jespaancy · June 3, 2024, 7:18am

i had added below in the app.xml also

<entry key="throwProvAfterRuleException">
  <value>
    <Boolean>true</Boolean>
  </value>
</entry>

ashutosh08 · June 3, 2024, 7:23am

Hi @jespaancy,

Your request is not committing, or your failure processing is not working as per your expectation?

If possible, please share the rule snippet after removing sensitive details.

Thanks

jespaancy · June 3, 2024, 7:26am

{
Map resJsonMap = JsonUtil.toMap(rawResponseObject);
boolean value1=true;
Object userEntry = resJsonMap.get("issuccess");					
					if (userEntry != null) {										
						value1 = (boolean)userEntry;						
						if (value1 == false){						
                        log.error(jsonMap.get("status"));
                        throw new GeneralException("operation has failed");                      
                         }

jespaancy · June 3, 2024, 7:37am

hi Ashutosh, API is returning response code 200 for incorrect input but response message shows issuccess false.
IIQ UI shows operation status committed but i need to see failure .

ashutosh08 · June 3, 2024, 7:41am

What is your response status mapping?

ashutosh08 · June 3, 2024, 7:49am

Hi @jespaancy,

Can you set the value to false and try.

Please refer to the below link.

Thanks

jespaancy · June 3, 2024, 7:58am

i changed to false but still i did not any error in the UI.response is below. I did not create any schema attribute for response. so i did not map response.

{
    "issuccess": false,
    "message": "winms - Invalid User ID."
}

iiq log shows below

2024-06-03T11:58:08,222 ERROR https-openssl-nio-443-exec-5 connector.webservices.v2.RequestOrchestratorV2:166 - value from JSON Body :::: false
2024-06-03T11:58:08,222 ERROR https-openssl-nio-443-exec-5 connector.webservices.v2.RequestOrchestratorV2:166 - Rule - Process response ex: sailpoint.tools.GeneralException: operation has failed
2024-06-03T11:58:08,238 ERROR https-openssl-nio-443-exec-5 connector.webservices.v2.RequestOrchestratorV2:166 - Rule - Process response : end
2024-06-03T11:58:08,238 DEBUG https-openssl-nio-443-exec-5 connector.webservices.v2.RequestOrchestratorV2:672 - Updated info map after operation rule post-processing: {issuccess=false, message=HUANGJJP - Invalid User ID.}

jespaancy · June 3, 2024, 8:18am

ashutosh08 · June 3, 2024, 8:32am

Hi @jespaancy,

Have you mapped any code in the below snapshot in Successful Response Code?

ashutosh08 · June 3, 2024, 8:35am

Also please try to get details of requestEndpoint in the log that what is the responseCodeList.

Thanks

jespaancy · June 3, 2024, 8:35am

yes as below

ashutosh08 · June 3, 2024, 8:36am

Please change it once and see if it works .

jespaancy · June 3, 2024, 8:37am

IIQ is getting response code 200

ashutosh08 · June 3, 2024, 8:38am

Hi @jespaancy,

You may have to modify this as for your case it is not criteria for successful response.

Thanks

jespaancy · June 3, 2024, 8:42am

hi,
i removed successful response code as below but still getting status comitted

ashutosh08 · June 3, 2024, 9:39am

Hi @jespaancy,

Can you check if there is any cache issue ? As with exception throw and the below attribute mapped it should accept your change.

<entry key="throwProvAfterRuleException">
        <value>
          <Boolean>true</Boolean>
        </value>
      </entry>

jespaancy · June 3, 2024, 9:52am

hi
I cleared cache from debug page and cleared browser cache also but got the response same as before only.

ashutosh08 · June 3, 2024, 10:00am

Please share your application.xml

Topic		Replies	Views
Complete/Fail tasks based on webservice response body IIQ Discussion and Questions webservice-connector , identityiq	4	106	July 29, 2024
Requests failing with NoHttpResponseException IIQ Discussion and Questions webservice-connector , identityiq	4	15	October 4, 2024
WebServiceAfterOperationRule does not update return variable ISC Discussion and Questions	2	634	July 19, 2023
Check return code from an http request ISC Discussion and Questions identity-security-cloud	4	146	June 29, 2024
Not able to get the response from Sap-Grc IIQ Discussion and Questions identityiq , provisioning , roles , access-requests	8	639	November 22, 2023

Can We Change the Response Code Using After Operations Rule

Which IIQ version are you inquiring about?

Share all details related to your problem, including any error messages you may have received.

Related Topics