Hi ISC Gurus,
I’ve created a very simple workflow where the trigger is “Access Request Decision”. In the flow I’ve defined a string variable with Define Variable operator. The goal is to use a Compare String operator where I am comparing the application name from the Access Request with the static variable. The issue comes when I pass the value from the Access Request. It seems that the Compare String operator is not recognizing the Access Request Decision JSONPath.
Workflow:
Workflow JSON:
{
"name": "Sample",
"description": "",
"modified": "2025-03-11T16:38:50.482520759Z",
"modifiedBy": {
"type": "IDENTITY",
"id": "5fdd81e8520d4d1faeascb4b8d1f39f167",
"name": "*******"
},
"definition": {
"start": "Define Variable",
"steps": {
"Compare Strings": {
"choiceList": [
{
"comparator": "StringEquals",
"nextStep": "End Step - Success 1",
"variableA.$": "$.requestedItemsStatus[*].clientMetadata.requestedAppName",
"variableB.$": "$.defineVariable.applicationName"
}
],
"defaultStep": "End Step - Success 1",
"displayName": "",
"type": "choice"
},
"Define Variable": {
"attributes": {
"id": "sp:define-variable",
"variables": [
{
"description": "This is the Default Access Profile name which will be assigned to the identity",
"name": "Default Access Profile Name",
"transforms": [],
"variableA": "***** Access ****** - Basic Users"
},
{
"description": "This is the application name which we compare against the Access Request.",
"name": "Application Name",
"transforms": [],
"variableA": "Privileged Access Management"
}
]
},
"displayName": " Application and Default Access Profile",
"nextStep": "Compare Strings",
"type": "Mutation"
},
"End Step - Success 1": {
"description": "s",
"displayName": "",
"type": "success"
}
}
},
"creator": {
"type": "IDENTITY",
"id": "5fdd81e8520d4asd1faecb4b8d1f39f167",
"name": "*******"
},
"trigger": {
"type": "EVENT",
"attributes": {
"filter.$": "$.requestedItemsStatus[?(@.type== \"ACCESS_PROFILE\" && @.operation == \"Add\")]",
"id": "idn:access-request-post-approval"
}
}
}
JsonPath Validator:
Workflow Input:
{
"accessRequestId": "******************************",
"requestedBy": {
"id": "*******************************",
"name": "Privileged Access Management",
"type": "IDENTITY"
},
"requestedFor": {
"id": "**********************************",
"name": "******************",
"type": "IDENTITY"
},
"requestedItemsStatus": [
{
"accessRequestContext": null,
"approvalInfo": [],
"clientMetadata": {
"requestedAppId": "*************************",
"requestedAppName": "Privileged Access Management"
},
"comment": "",
"description": null,
"id": "**************************************",
"name": "Privileged Access Management - B* T***",
"operation": "Add",
"type": "ACCESS_PROFILE"
}
]
}
Workflow Output:
[
{
"type": "WorkflowExecutionStarted",
"timestamp": "2025-03-11T16:46:12.981989909Z",
"attributes": {
"input": {
"accessRequestId": "**********************************",
"requestedBy": {
"id": "5fdd81e8520d4d1faecb4b8d1f39f167",
"name": "Privileged Access Management",
"type": "IDENTITY"
},
"requestedFor": {
"id": "c43f2f0d88ae47ec82c62c4c1e0d2e62",
"name": "*******************",
"type": "IDENTITY"
},
"requestedItemsStatus": [
{
"accessRequestContext": null,
"approvalInfo": [],
"clientMetadata": {
"requestedAppId": "*****************************",
"requestedAppName": "Privileged Access Management"
},
"comment": "",
"description": null,
"id": "fa0c9a6428dd4b5f9ea5016f3c27ec2d",
"name": "Privileged Access Management - B* **st",
"operation": "Add",
"type": "ACCESS_PROFILE"
}
]
}
}
},
{
"type": "ActivityTaskScheduled",
"timestamp": "2025-03-11T16:46:13.087252278Z",
"attributes": {
"displayName": "Application and Default Access Profile",
"input": {
"id": "sp:define-variable",
"variables": [
{
"description": "This is the Default Access Profile name which will be assigned to the identity",
"name": "Default Access Profile Name",
"transforms": [],
"variableA": "Privileged Access Management - B**** U****"
},
{
"description": "This is the application name which we compare against the Access Request.",
"name": "Application Name",
"transforms": [],
"variableA": "Privileged Access Management"
}
]
},
"stepName": "defineVariable",
"task": "sp:internal:operator:mutative",
"technicalName": "Define Variable"
}
},
{
"type": "ActivityTaskStarted",
"timestamp": "2025-03-11T16:46:13.096508127Z",
"attributes": {
"attempts": 1,
"displayName": "Application and Default Access Profile",
"stepName": "defineVariable",
"task": "sp:internal:operator:mutative",
"technicalName": "Define Variable"
}
},
{
"type": "ActivityTaskCompleted",
"timestamp": "2025-03-11T16:46:13.133309443Z",
"attributes": {
"displayName": "Application and Default Access Profile",
"result": {
"applicationName": "Privileged Access Management",
"defaultAccessProfileName": "Privileged Access Management - B**** U****"
},
"stepName": "defineVariable",
"task": "sp:internal:operator:mutative",
"technicalName": "Define Variable"
}
},
{
"type": "ActivityTaskScheduled",
"timestamp": "2025-03-11T16:46:13.171286052Z",
"attributes": {
"displayName": "Compare Strings",
"input": {
"compareStrings": {
"ChoiceList": [
{
"Comparator": "StringEquals",
"NextStep": "End Step - Success 1",
"VariableA.$": "$.requestedItemsStatus[*].clientMetadata.requestedAppName",
"VariableB.$": "$.defineVariable.applicationName"
}
],
"DefaultStep": "End Step - Success 1",
"Name": "Compare Strings",
"SelectInput": "$",
"SelectOutput": "$",
"SelectResult": "$",
"Type": "choice"
},
"defineVariable": {
"applicationName": "Privileged Access Management",
"defaultAccessProfileName": "Privileged Access Management - B**** U****"
},
"trigger": {
"accessRequestId": "**********************************",
"requestedBy": {
"id": "5fdd81e8520d4d1faecb4b8d1f39f167",
"name": "Privileged Access Management",
"type": "IDENTITY"
},
"requestedFor": {
"id": "c43f2f0d88ae47ec82c62c4c1e0d2e62",
"name": "*******************",
"type": "IDENTITY"
},
"requestedItemsStatus": [
{
"accessRequestContext": null,
"approvalInfo": [],
"clientMetadata": {
"requestedAppId": "*****************************",
"requestedAppName": "Privileged Access Management"
},
"comment": "",
"description": null,
"id": "************************************",
"name": "Privileged Access Management - B* **st",
"operation": "Add",
"type": "ACCESS_PROFILE"
}
]
}
},
"stepName": "compareStrings",
"task": "sp:internal:operator",
"technicalName": "Compare Strings"
}
},
{
"type": "ActivityTaskStarted",
"timestamp": "2025-03-11T16:46:13.179408569Z",
"attributes": {
"attempts": 1,
"displayName": "Compare Strings",
"stepName": "compareStrings",
"task": "sp:internal:operator",
"technicalName": "Compare Strings"
}
},
{
"type": "ActivityTaskCompleted",
"timestamp": "2025-03-11T16:46:13.21683313Z",
"attributes": {
"displayName": "Compare Strings",
"result": {
"next": "End Step - Success 1",
**"output": false**
},
"stepName": "compareStrings",
"task": "sp:internal:operator",
"technicalName": "Compare Strings"
}
},
{
"type": "ActivityTaskScheduled",
"timestamp": "2025-03-11T16:46:13.262917191Z",
"attributes": {
"displayName": "End Step - Success 1",
"input": {},
"stepName": "End Step - Success 1",
"task": "sp:internal:operator",
"technicalName": "End Step - Success 1"
}
},
{
"type": "ActivityTaskStarted",
"timestamp": "2025-03-11T16:46:13.269980412Z",
"attributes": {
"attempts": 1,
"displayName": "End Step - Success 1",
"stepName": "End Step - Success 1",
"task": "sp:internal:operator",
"technicalName": "End Step - Success 1"
}
},
{
"type": "ActivityTaskCompleted",
"timestamp": "2025-03-11T16:46:13.306031522Z",
"attributes": {
"displayName": "End Step - Success 1",
"result": {},
"stepName": "End Step - Success 1",
"task": "sp:internal:operator",
"technicalName": "End Step - Success 1"
}
},
{
"type": "WorkflowExecutionCompleted",
"timestamp": "2025-03-11T16:46:13.343280228Z",
"attributes": {
"result": {
"b049211baa-42cb-4c19-9da2-dcad2a2a5f68": "0192158619-7ff5-7f17-bf1a-7a956efbf03d",
"compareStrings": {
"ChoiceList": [
{
"Comparator": "StringEquals",
"NextStep": "End Step - Success 1",
"VariableA.$": "$.requestedItemsStatus[*].clientMetadata.requestedAppName",
"VariableB.$": "$.defineVariable.applicationName"
}
],
"DefaultStep": "End Step - Success 1",
"Name": "Compare Strings",
"SelectInput": "$",
"SelectOutput": "$",
"SelectResult": "$",
"Type": "choice"
},
"defineVariable": {
"applicationName": "Privileged Access Management",
"defaultAccessProfileName": "Privileged Access Management - B**** U****"
},
"trigger": {
"accessRequestId": "**********************************",
"requestedBy": {
"id": "5fdd81e8520d4d2111faecb4b8d1f39f167",
"name": "Privileged Access Management",
"type": "IDENTITY"
},
"requestedFor": {
"id": "c43f2f0d88ae47ec211282c62c4c1e0d2e62",
"name": "*******************",
"type": "IDENTITY"
},
"requestedItemsStatus": [
{
"accessRequestContext": null,
"approvalInfo": [],
"clientMetadata": {
"requestedAppId": "*****************************",
"requestedAppName": "Privileged Access Management"
},
"comment": "",
"description": null,
"id": "fa0c9a6428dd4b5f9ea5016f3c27ec2d",
"name": "Privileged Access Management - B* **st",
"operation": "Add",
"type": "ACCESS_PROFILE"
}
]
}
}
}
}
]
Any idea why this is not working and always goes to the FALSE path where the input test should complete on the TRUE path?
I also have tried to call the index $.requestedItemsStatus[0].clientMetadata.requestedAppName instead of using $.requestedItemsStatus[*].clientMetadata.requestedAppName but still no luck…
