Please be sure you’ve read the docs and API specs before asking for help. Also, please be sure you’ve searched the forum for your answer before you create a new topic.
Hi Team,
We have a requirement where in based on the access required, we have to update an attribute value. This provides a privileged access, hence requirement for setting attribute value.
E.g. I request for Admin access profile from SailPoint, I have to pass admin:true and update the account.
The API supports only PUT operation, so we have to pass all attributes on request but for specific requests this value has to be updated.
Please suggest if this something we can achieve on ISC.
Hi @amar_simha one of the ways to achieve this is by using a Before operation Rule in the Add Entitlement operation, where you can perform the following actions:
Identify the access that requires the admin flag to be set to true
Retrieve the existing account attributes
Build the payload for the PUT operation, with admin flag set to true
Hi @prashanthrns , Thanks for the response.
Do you have a sample structure of this rule? Looking for details on how to pull existing account attribute values.
Thanks @pradeep1602 for response. The flag is to be set on account level. You mean to say we have to pull the flag values (lets say true & false) as entitlements and assign them based on the actual entitlement requested?
You can do this without writing an rule. Please do the configuration of an Update Provisioning Policy and have all the attributes defined there. When the Entitlement is requested you can add it in the body by referring the attributes in the Provisioning Policy using $plan.attributeName$.
Let me know if you still face issue after doing this configuration
Please be sure you’ve read the docs and API specs before asking for help. Also, please be sure you’ve searched the forum for your answer before you create a new topic.