I have imported two files in Sailpoint IIQ as delimited files and in the second one each employee id has a suffix of @db attached to it and rest remains same as the first one , now i need to Correlate all the users with the existing identities, but not creating the new identities as these are already present from the first file.
I wrote a rule for this:
import sailpoint.object.Identity;
String dbEmployeeId = attributes.get("employeeId"); // Get the employeeId from the uploaded file
if (dbEmployeeId != null) {
Map<String, String> attributes = new HashMap<>();
// populate the attributes map with data
String dbEmployeeId = username.get("employeeId");
// Remove the @db suffix to get the original employeeId
String employeeId = dbEmployeeId.replace("@db", "");
// Search for an existing Identity with the cleaned employeeId
Identity existingIdentity = context.search(Identity.class, "employeeId = ?", employeeId).stream().findFirst().orElse(null);
// If an existing identity is found, return its ID
if (existingIdentity != null) {
return existingIdentity.getId();
} else {
// If no identity is found, do not create a new identity (return null)
return null;
}
} else {
// If employeeId is null, return null (no correlation possible)
return null;
}
but getting error:
Error: Exception running rule: BeanShell script error: bsh.EvalError: Sourced file: inline evaluation of: ``import sailpoint.object.Identity; String dbEmployeeId = attributes.get("emplo . . . '' : Typed variable declaration : Attempt to resolve method: get() on undefined variable or class name: attributes : at Line: 3 : in file: inline evaluation of: ``import sailpoint.object.Identity; String dbEmployeeId = attributes.get("emplo . . . '' : attributes .get ( "employeeId" )
BSF info: Employee ID Correlation at line: 0 column: columnNo
Please help me to resolve this Please
HI @uditsahntl01 ,
- The issue is that the identities are not getting created when they are not correlating?? or you need to correlate accounts from both the files to one identity??
- The error in the rule says, it is unable to resolve the method get() which means itâs not able to get the employee ID. First try to get the identity from the plan and then try to get identity attributes.
Identity identity = plan.getIdentity();
String dbEmployeeId = identity.getAttribute(âemployeeIdâ);
I believe you are implementing correlation rule and in the correlation rule âattributesâ is not an input argument, and so the error states it is not able to determine attributes.
Instead, you can use below code. Also you can enable âOnly create links if they can be correlated to an existing identityâ option in the Account Aggregation Task to suppress/ignore creation of identities if existing identity is not found to correlate
//correlation rule
Map returnMap = new HashMap();
String accountEmployeeId = account.getStringAttribute("employeeId");
String employeeId = null;
if(null != accountEmployeeId) {
String[] accountEmpIdArray = accountEmployeeId.split("@");
employeeId = accountEmpIdArray[0];
}
returnMap.put("identityAttributeName","employeeId");
returnMap.put("identityAttributeValue",employeeId);
return returnMap;
1 Like
Exception during aggregation of 1a@db. Reason: Unable to correlate using filter [employeeId == â1aâ]: could not resolve property: employeeId of: sailpoint.object.Identity
This error is coming during aggregation .
Exception running rule: BeanShell script error: bsh.EvalError: Sourced file: inline evaluation of: Map returnMap = new HashMap(); String accountEmployeeId = account.getStringAttr . . . '' : Typed variable declaration : Attempt to resolve method: getStringAttribute() on undefined variable or class name: account : at Line: 2 : in file: inline evaluation of: Map returnMap = new HashMap(); String accountEmployeeId = account.getStringAttr . . . ââ : account .getStringAttribute ( âemployeeIdâ )
BSF info: Employee ID Correlation at line: 0 column: columnNo
This during running the rule
What i want is to correlate accounts from both the files to one identity??
The employeeId attribute should be marked searchable from Identity Mappings and run Refresh Identity Cube task, post that run account aggregation to correlate to matched identity
Besides, the correlation rule is meant to trigger during aggregation, it does not work if it is run independently via run rule task or running from debug. So if you are running the rule through that, then avoid it