Hi All,
I am trying to work on a compare string operator where i need to ignore couple of entitlements if thought they were added outside of ISC so that we donot revoke them. however, compare string is not working as expected.
Any help is much appreciated in advance.
Thanks
I have used $.loop.loopInput.id == $.defineVariable.entitlementById
Hi @bkumar592
Could you explain what exactly are you trying to achieve using this workflow?
What the ‘Define Variable’ operator is used for?
Could you download the workflow JSON and then share it? Please mask any sensitive data or your tenant related info.
Thanks @nhassan for the response.
In define variable we have defined an entitlement id so that it can be ignored from revoking the request, even it was added directly from AD.
I hope it helps. Also refer the attachments.
ADSourceRevokeEntitlementAdditionsDetectedasNativeChangeAccountUpdated20251216.json (4.3 KB)
Could you try the attached JSON?
Inside the loop, I used the static value (entitlement Id) in value 2 of the comparison operator to compare it against instead of using a ‘Define Variable’ operator.
Give it a try in your sandbox environment and then share the test result?
ADSourceRevokeEntitlementAdditionsDetectedasNativeChangeAccountUpdated20251216.json (3.9 KB)
@nhassan , I tried it but still it is going into the false loop and an access request getting created and email being sent
Can you try using this JSONPath in the loop input as shown in the attached screenshot and hopefully that should work?
$.trigger.entitlementChanges[*].added[*].id
Tried adding the same but no luck it is not working
Try changing the value 1 of ‘Compare Strings’ operator from $.forEachEntitlementAddition.loopInput.id to $.forEachEntitlementAddition.loopInput
Then give it a go.
If still not, try changing the comparison operator from Equals to Matches to see if that works.
The loop input should be set to $.trigger.entitlementChanges[*].added[*].id
Building further on @nhassan ‘s response:
Why not try this as loop input?
$.trigger.entitlementChanges[*].added[?(@.id != ‘ENTITLEMENT_ID_TO_EXCLUDE’)]
this way you will not need compare operator inside the loop
1 Like
I tried this Nitesh, but it is not going inside the loop
I think this should be $.trigger.entitlementChanges[*].added[?(@.id != "ENTITLEMENT_ID_TO_EXCLUDE")]
2 Likes
Can you also please try this in the loop input?
$.trigger.entitlementChanges[0].added[0].id and then use the compare strings operator?
Set the value 1 of ‘Compare Strings’ operator as $.forEachEntitlementAddition.loopInput
@nhassan @iamnithesh this is working now, Thanks for the inputs and help.
2 Likes
Please share the final workflow so that it can help others in future
Sure Nitesh, will share here once I am done
Hi All, Attaching here the working native change detection workflow where it will ignore one of the entitlement to be processed for revocation request and sending email.
Thanks
Narendra
NCD.json (3.4 KB)