We are trying to manage access to Azure AD entitlements based on ServiceNow requests. At the backend we are trying to use SailPoint API calls to pull user and entitlement details. However, when trying to get a user from the SailPoint API, we need to pull data based on the email or UPN identity attribute, as the SailPoint object ID is not something available in most systems. When making the request with the object ID in the API, we are able to get the user details. Can you please help if we can pull a user based on any identity attribute instead of the object ID?
You can use the search API to grab all identity data including the accounts and access assignments by setting “includeNested” to true in the body.
You can loop through the “access” array that is returned with all roles, access, profiles, entitlements assigned to the user. You would need to look at the source value on each of these to filter for Azure AD access assignments.
Or you can grab the Azure AD account ID from the “accounts” array then call the get account entitlements API endpoint to retrieve the Azure AD entitlements for an identity.
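The lookup and filtering described in this answer, as an added example that is not part of the original reply or SailPoint's own code: it builds the search body for an email taken from a ticket and pulls the Azure AD accounts and entitlements out of the result. Assumptions: the body is sent to `POST /v3/search`, the email is queried as `attributes.email`, items carry `type` and `source.name`, the source is named "Azure AD", and the sample response is constructed.

```python
import json
import re

AZURE_SOURCE_NAME = "Azure AD"  # assumed source name; use your tenant's
_EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

def build_search_body(email):
    """Search body keyed on email instead of the SailPoint object ID."""
    if not _EMAIL_RE.fullmatch(email):
        raise ValueError("not a plain email address: %r" % email)
    # Escape \ and " so ticket input stays inside the quoted phrase
    # and cannot append extra query clauses.
    quoted = email.replace("\\", "\\\\").replace('"', '\\"')
    return {
        "indices": ["identities"],
        "query": {"query": 'attributes.email:"%s"' % quoted},  # assumed field
        "includeNested": True,
    }

def azure_ad_access(hits, source_name=AZURE_SOURCE_NAME):
    """Return (account_ids, entitlement_names) on the Azure AD source."""
    if len(hits) != 1:
        # Zero or several matches: refuse rather than act on the wrong identity.
        raise LookupError("expected 1 identity, got %d" % len(hits))
    identity = hits[0]
    def from_source(item):
        # Roles may carry no source, so tolerate a missing key.
        return (item.get("source") or {}).get("name") == source_name
    accounts = [a["id"] for a in identity.get("accounts", []) if from_source(a)]
    entitlements = [x["name"] for x in identity.get("access", [])
                    if x.get("type") == "ENTITLEMENT" and from_source(x)]
    return accounts, entitlements

# Constructed sample of a search result (not real tenant data).
SAMPLE_HITS = [{
    "id": "id-0001",
    "accounts": [{"id": "acct-aad-1", "source": {"name": "Azure AD"}},
                 {"id": "acct-hr-1", "source": {"name": "HR System"}}],
    "access": [
        {"type": "ROLE", "name": "Engineer"},
        {"type": "ENTITLEMENT", "name": "AAD-Group-Finance",
         "source": {"name": "Azure AD"}},
        {"type": "ENTITLEMENT", "name": "hr-viewer",
         "source": {"name": "HR System"}},
        {"type": "ACCESS_PROFILE", "name": "AAD Baseline",
         "source": {"name": "Azure AD"}}],
}]

if __name__ == "__main__":
    print(json.dumps(build_search_body("jane.doe@example.com")))
    print(azure_ad_access(SAMPLE_HITS))
```

The returned account IDs are what the account-entitlements call mentioned above takes as input.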