Create account provisioning

Identity Security Cloud (ISC) ISC Discussion and Questions
,
1

:bangbang: Please be sure you’ve read the docs and API specs before asking for help. Also, please be sure you’ve searched the forum for your answer before you create a new topic.

Please consider addressing the following when creating your topic:

  • What have you tried?
  • What errors did you face (share screenshots)?
  • Share the details of your efforts (code / search query, workflow json etc.)?
  • What is the result you are getting and what were you expecting?

Hi,

I am working on create account provisioning. The create api working fine in postman and I am getting the id in the response. But in IdentityNow its not working. Account is not getting created in application side.

This error am getting in logs

“esponse=HttpResponseWrapper [status=200, response={“responseStatus”:“FAILURE”,“errors”:[{“type”:“PARAMETER_REQUIRED”,“message”:“Missing required parameter [security_profile__sys]”}],“errorType”:“PARAMETER_REQUIRED”}, headers={Transfer-Encoding=chunked, Server=nginx, X-Content-Type-Options=nosniff, X-VaultAPI-Status=FAILURE, Connection=keep-alive, Date=Thu, 02

security_profile__sys :

already I have mentioned in the body of the http operation. security_profile__sys is set up in access profile to be requested from request center

image
image1189×314 12.3 KB

image
image661×448 19.6 KB

image
image789×729 43.3 KB

2

I see it in the operation, but is it in the actual create account policy? It also needs to be on this page:

image
image805×546 18.8 KB

3

Though I cannot see all the attributes being populated in body but it seems you may have issue with mapping the correct attribute for security_profile__sys. It should be security_profile__sys=$plan.security_profile__sys and you should have attribute request with this ( security_profile__sys) attribute name in your plan. I do not see any attribute being set in your plan from screenshot that starts with user_security_profile_… Not sure if its just not captured in screenshot clearly.

image
image650×219 38.3 KB

4

It seems like the value for security_profile__sys is an entitlement that is requested. But based on the plan from the “Create Account” screenshot, entitlement does not seem to be included in the provisioning plan. Have you enabled this under Additional Settings?

image

5

Hi @SanjeevIAM Yes. Its added there like security_profile__sys=$plan.user_security_profile_id$

6

Hi Vincent, its added.

image
image591×858 29.9 KB

7

Hi Nithesh, yes its enabled

image
image381×262 3.92 KB

8

Is user_security_profile_id also defined as Account ID on your schema. If Yes can you try replacing it with $plan.nativeIdentity$

9

@apattana Did you try $plan.nativeIdentity$?

10

I think this represents the entitlement requested, not account ID. And, account ID would probably be generated by the end system while creating the account

11

Yes. here $plan.user_security_profile_id$ is the entitlement requested and id is marked as account id which is created at the time of account creation. we are getting id in the response body

12

Hey

Print the logs so you can understand the issue. Use below code in Before Operation Rule and tag the rule fir the create operation.

log.error(“************Testlogs starting****************”);

log.error("Final Request Body: " +requestEndPoint.getBody());

log.error(“************Test logs END****************”);