Create a business role with Match List using JAVA

motiost · October 12, 2025, 2:25pm

I want to create a business role (bundle) using Java. I need to add Match List (inactive = “false”) AND (company_cd = “LND”) I don’t understand how to do this.

I really need help.

Chathuryas · October 12, 2025, 3:39pm

Here is the sample code to create a bundle using java. You can add the required and permitted roles to the bundle as well.

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule name="Sample-CreateRole" >
  <Source>

  import sailpoint.object.Bundle;
  import sailpoint.object.IdentitySelector;
  import sailpoint.object.IdentitySelector.MatchExpression;
  import sailpoint.object.IdentitySelector.MatchTerm;
  import sailpoint.object.Identity;

  Bundle bundle = new Bundle();

  String bundleName = "BundleName"; // Set the role name here 
   
  bundle.setName(bundleName);
  
  bundle.setType("business");

   String ownerName = "OwnerName"; // Set the OwnerName here 

  Identity owner = context.getObjectByName(Identity.class,ownerName);

  bundle.setOwner(owner);

  IdentitySelector identitySelector = new IdentitySelector();


  MatchExpression matchExpression = new MatchExpression();


  MatchTerm isInActiveMatchTerm = new MatchTerm();

  isInActiveMatchTerm.setName("inactive");
  isInActiveMatchTerm.setType(IdentitySelector.MatchTerm.Type.valueOf("IdentityAttribute"));
  isInActiveMatchTerm.setValue("false");

  MatchTerm companyMatchTerm = new MatchTerm();


  companyMatchTerm.setName("company_cd");
  companyMatchTerm.setType(IdentitySelector.MatchTerm.Type.valueOf("IdentityAttribute"));
  companyMatchTerm.setValue("LND");


  matchExpression.addTerm(isInActiveMatchTerm);
  matchExpression.addTerm(companyMatchTerm);
  matchExpression.setAnd(true);

  identitySelector.setMatchExpression(matchExpression);

  bundle.setSelector(identitySelector);

  context.saveObject(bundle);

  context.commitTransaction();

  </Source>
</Rule>
```

Save this code as a Rule object and run the rule from the debug page

msingh900 · October 14, 2025, 4:17am

@motiost

Please use the code below:

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule language="beanshell" name="business-role-creation-through-rule">
  <Source>

  import sailpoint.object.Bundle;
  import sailpoint.object.Identity;
  import sailpoint.object.IdentitySelector;
  import sailpoint.object.IdentitySelector.MatchExpression;
  import sailpoint.object.IdentitySelector.MatchTerm;
  import sailpoint.tools.GeneralException;

  try {

    // Basic details for the business role
    String roleName = "BusinessRole-1";
    String ownerIdentity = "spadmin";

    // Check if a business role with this name already exists
    Bundle businessRole = context.getObjectByName(Bundle.class, roleName);
    if (businessRole == null) {
      businessRole = new Bundle();
      businessRole.setName(roleName);
      businessRole.setDisplayName(roleName);
      businessRole.setType("business");
      businessRole.addDescription("en_US", "Business role created via script: " + roleName);
    }

    // Assign the owner
    Identity owner = context.getObjectByName(Identity.class, ownerIdentity);
    if (owner == null) {
      throw new GeneralException("Owner not found: " + ownerIdentity);
    }
    businessRole.setOwner(owner);

    // Build the selector to define which identities qualify
    IdentitySelector selector = new IdentitySelector();
    MatchExpression expression = new MatchExpression();

    // Term 1: inactive == false
    MatchTerm termInactive = new MatchTerm();
    termInactive.setName("inactive");
    termInactive.setType(IdentitySelector.MatchTerm.Type.IdentityAttribute);
    termInactive.setValue("false");

    // Term 2: company_cd == LND
    MatchTerm termRegion = new MatchTerm();
    termRegion.setName("company_cd");
    termRegion.setType(IdentitySelector.MatchTerm.Type.IdentityAttribute);
    termRegion.setValue("LND");

    // Add both terms and use AND logic
    expression.addTerm(termInactive);
    expression.addTerm(termRegion);
    expression.setAnd(true);

    selector.setMatchExpression(expression);
    businessRole.setSelector(selector);

    // Save and commit the role
    context.saveObject(businessRole);
    context.commitTransaction();

    System.out.println("Business role '" + roleName + "' created successfully.");

  } catch (Exception e) {
    context.rollbackTransaction();
    System.out.println("Error while creating business role: " + e.getMessage());
    e.printStackTrace();
  }


  </Source>
</Rule>

msingh900 · October 14, 2025, 4:33am

Suppose you want to make this rule dynamic, then you can utilize the Run Rule Task template. From the parameters section, you can provide the variable Key and value.

Also specify the rule to call and it will create the role and add matchlist according to the value you have provided.

system · December 13, 2025, 4:34am

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Import roles in IdentityIQ using rule IIQ Discussion and Questions rules , identityiq , roles	7	439	December 21, 2024
Get business roles from organizational roles IIQ Discussion and Questions identityiq , roles	5	312	April 27, 2024
Report from rule IIQ Discussion and Questions rules , identityiq , roles , reports	14	1351	January 22, 2024
I want all users details which contains a business role IIQ Discussion and Questions rules , identityiq , roles , access-requests	9	1049	April 1, 2024
How to use identitySelector or matchExpression as a generic query? IIQ Discussion and Questions rules , identityiq	12	190	January 20, 2026

Create a business role with Match List using JAVA

I want to create a business role (bundle) using Java. I need to add Match List (inactive = “false”) AND (company_cd = “LND”) I don’t understand how to do this.

Related topics