karan_1984
January 7, 2025, 4:27pm
1
Thanks to @dernc and @ethompson whose posts helped in creating the PowerShell script.
Below is the modified PowerShell Script which you can use to create Access Request in Bulk.
#sandbox
$ClientID = "XXXXXXXXXXXXXXXXXXXXXXXXX"
$SecretID = "YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY"
$pair = "$($ClientID):$($SecretID)"
$encodedCreds = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($pair))
$BasicAuth1 = "Basic $encodedCreds"
#Get credentials and encrypt them
$tokenParam = @{
URI = 'https://my-tenant.api.identitynow.com/oauth/token'
Body="grant_type=client_credentials"
Headers = @{'Authorization' = "$BasicAuth1";"Content-Type"='application/x-www-form-urlencoded;application/json;charset=UTF-8'}
Method = 'POST'
}
$tokenResponse = Invoke-RestMethod @tokenParam
$token = $tokenResponse.access_token
$users = @()
$entitlementId = ""
foreach ($user in $users) {
$body = @{
requestedFor = @(
$user
)
requestType = "GRANT_ACCESS"
requestedItems = @(
[PSCustomObject]@{
type = "ENTITLEMENT"
id = $entitlementId
comment = "Assining entitlement to the users as per request from Karan"
}
)
}
(ConvertTo-Json $body -depth 5)
$params = @{
method = "POST"
uri = "https://my-tenant.api.identitynow.com/v3/access-requests"
body = (ConvertTo-Json $body -Depth 5)
headers = @{'Authorization' = "Bearer $token"}
ContentType = "application/json"
}
try {
$response = Invoke-RestMethod @params
$response
}
catch {
Write-Host $response
Write-Host $_.Exception.Message -ForegroundColor Red
Write-Host $_.Exception.ItemName -ForegroundColor Red
}
}
6 Likes
Thanks for sharing @karan_1984 . This script could be really useful to perform bulk access request for let’s say 250 summer interns are informed to joining and we haven’t got RBAC set for them. Saves a lot of time.
Where do you think it’s best to save and run such script?
karan_1984
January 11, 2025, 3:04pm
3
Hi @TheOneAMSheriff its up to you where you want to save. Would be good if it is executed by the person who knows how to use PowerShell script as you need to enter Identity ID and entitlement ID manually in this script.
Also, do note that you will enter the PAT information as well in this script.
1 Like
Can we provide CSV path as reference for list of users ?
karan_1984
February 19, 2025, 2:30am
6
#sandbox
$ClientID = "XXXXXXXXXXXXXXXXXXXXXXXXX"
$SecretID = "YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY"
$pair = "$($ClientID):$($SecretID)"
$encodedCreds = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($pair))
$BasicAuth1 = "Basic $encodedCreds"
#Get credentials and encrypt them
$tokenParam = @{
URI = 'https://my-tenant.api.identitynow.com/oauth/token'
Body="grant_type=client_credentials"
Headers = @{'Authorization' = "$BasicAuth1";"Content-Type"='application/x-www-form-urlencoded;application/json;charset=UTF-8'}
Method = 'POST'
}
$tokenResponse = Invoke-RestMethod @tokenParam
$token = $tokenResponse.access_token
$users = Get-Content "D:\Add-Users.txt"
$entitlementId = ""
foreach ($user in $users) {
$body = @{
requestedFor = $user.split(':')
requestType = "GRANT_ACCESS"
requestedItems = @(
[PSCustomObject]@{
type = "ENTITLEMENT"
id = $entitlementId
comment = "Assining entitlement to the users as per request from Karan"
}
)
}
(ConvertTo-Json $body -depth 5)
$params = @{
method = "POST"
uri = "https://my-tenant.api.identitynow.com/v3/access-requests"
body = (ConvertTo-Json $body -Depth 5)
headers = @{'Authorization' = "Bearer $token"}
ContentType = "application/json"
}
try {
$response = Invoke-RestMethod @params
$response
}
catch {
Write-Host $response
Write-Host $_.Exception.Message -ForegroundColor Red
Write-Host $_.Exception.ItemName -ForegroundColor Red
}
}
# Combined the data for CSV export
$CombinedData = @()
foreach ($user in $body.requestedFor) {
foreach ($item in $body.requestedItems) {
$flattenedData += [PSCustomObject]@{
RequestedFor = $user
RequestType = $body.requestType
ItemType = $item.type
ItemId = $item.id
ItemComment = $item.comment
}
}
}
$CombinedData| Export-Csv "C:\Users\Usersadded.csv" -Append -NoTypeInformation
1 Like
karan_1984
February 19, 2025, 2:31am
7
Thank you for your Patience.
I have updated the script with input from text file and output to an csv file.