Hi all,
I have an identity attribute end date syncing to the epic emp account on change but i want that to get cleared also when the end date identity attribute is blank. The modify request is not triggered since it is skipping blank value attribute sync.
Is there a way to attribute sync blank value using transforms ?
Hi @SBahl,
Welcome to SailPoint Developer Community!!
You can try sending blank string “” or null in place of sending no values.
Let me know if this helps.
Thanks,
Dheeraj
This doesn’t work, already tried this.
I’m not familiar with the EPIC connector but I assume it’s based on a WebService connector.
IIRC the behaviour of a WS connector is to drop the attribute from the json body in case it’s empty or NULL.
I’ve seen a solution where the attribute is set static to “REPLACEME” and in AfterOperation rule replaced to NULL.
You can create first valid transform where you can add an hardcoded date like 2099.so that in case the date is blank it send this value and when date is present it will push the right value
"attributes": {
"ignoreErrors": true,
"values": [
{
"attributes": {
"DATEVALUE": {
"attributes": {
"DATEVALUE": {
"attributes": {
"attributeName": "accountExpires",
"sourceName": "App NAme "
},
"type": "accountAttribute"
},
"value": "#if($DATEVALUE.equalsIgnoreCase('never')) 01/01/2999 #else $DATEVALUE #end"
},
"type": "static"
},
"value": "$DATEVALUE.trim()"
},
"type": "static"
},
"01/01/2999"
]
},
"type": "firstValid"or paste code here
I know we can resolve it in a similar way using the before provisioning rule to add the attribute request with blank value but i was looking for a solution where ISC doesn’t drop the attribute from the request when we send null or blank.
This workaround will not be accepted by the client , I have tried this already and it was working fine. The final requirement is to clear the attribute not put a dummy value which i unreachable. Thanks for the suggestion.
Let’s take a step back, can you check with EPIC team what value we should pass technically. I mean empty (“”) or null or something else.
Later we can figure out how we can sync that value.
Also sometimes, I have seen that if we are trying to replace an attribute which has some value with empty/null, it was ignored. SailPoint Expert Services couldn’t replicate the issue so we can’t say it for sure.
Let’s just think of this problem as we want to sync either “” or null to any down stream application using attribute sync. Sailpoint documentation for Attribute sync confirms that it syncs null values down to the source system if an identity attribute becomes blank. But that is not working. It always ignores the request when value is blank and there is no modify request generated for that attribute.
I know we can add a logic in before provisioning rule to handle this fix but essentially here i am looking for a solution if anyone has tackled this use case using attribute sync.
I might be interpreting this wrong but in the below screenshot documentation confirms that we can sync which is not working in my case.
I don’t have a solution but I don’t believe attribute sync is ignoring a null value. I tested in our sandbox and the events show attribute sync recognized the null value but it did not update in Epic. Issue most likely is wht the value should be passed.
Are you sending null as a string? becuase that would be considered a string with characters.
If not, kindly share the identity attribute mapping and transform if any applied for this.
From what you are saying it seems like it could be an oversight in the Epic connector and may not be possible to workaround with rules or transforms. But you could work around this by using a workflow and calling the PersonnelManagement API when you see that condition. It supports both SOAP and REST. The documentation is open and you can see it here. open.epic :: Explore By Interface Type
Only way to clear attribute values in EPIC connector is using Before provisioning Rule(Cloud Rule), Transforms will use add operation which won’t work as the EPIC system doesn’t accept null/blank/empty values. To clear values in EPIC the operation should be replace which can be done using “accountRequest.add(new ProvisioningPlan.AttributeRequest(“EndDate”, ProvisioningPlan.Operation.Set, “”));” in the Before Provisioning rule.
