Hello Team,

I have a situation where i need to create 2 applications pointing to same domain of azure tenet. One application is for Members and other is for Guests accounts. We have wrote correlation rule where based on nickname attribute, we need to differentiate the accounts for both applications.

Please find the corelation rule for partner application below:

import java.util.HashMap;
import sailpoint.object.Identity;
import java.util.Map;
import sailpoint.object.QueryOptions;
import sailpoint.object.Filter;

Map returnMap = new HashMap();
String mailNickName = account.getStringAttribute(“mailNickname”);
String result = mailNickName.replace(“_xxxx#EXT#”, “”);
Identity idn = context.getObjectByName(Identity.class, result);
if(idn!=null){
String userId = idn.getName();
returnMap.put(“identity”, idn);
}
return returnMap;

==========================================
But still i am getting all the users in both applications, Kindly suggest me how i can aggregate users in separate applications on behalf of one attribute.

Thanks a lot in advance…

Hi @nirmal_sharma

The correlation rule is designed to link your accounts according to the specified logic. In your code if you don’t correlate for some identities , then system will attempt to use a fallback method based on identity attribute and display name.

To retrieve specific accounts, you can alternatively use a customization rule, ensuring that you return null if the condition is not satisfied.

hi @nirmal_sharma As mentioned by Arpitha, your requirement is not related to Correlation it is more ever resource object customization where you need to check your logic and return null or other application and do not return null for second application.
You can use “Advanced User Filter” if you have already 2 instance of azure. Or you are using webservice base then more simpler.
Again your requiremnt can be full fill with user filter also or resource object , just you need to make sure you are validation properly and returning null or resource object.
If user filter support in application use that more simple way to handle

Hi @nirmal_sharma ,

To aggregate only the Guest, you can include the filter entry in the first application XML

<entry key="userFilters" value="(  userType eq &apos;Guest&apos;)"/>

If you are using 8.4, you can directly specify the user filter in configuration page.

If you want to aggregate only Member in the second application, you can add the filter entry to application2 xml.

<entry key="userFilters" value="(  userType eq &apos;Member&apos;)"/>

In IIQ version 8.4

Hello @Arpitha1 , @mkumariaas ,

Thank you so much for the suggestion, It worked… I have written a customization rule and now its working as expected.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.