Hi,
We are CSV file source for which we create accounts using an CREATE account API call. Now, we want to generate unique ID (EMP ID) for each accounts in Sailpoint by incrementing the ID value.
How can we achieve this in SailPoint ISC. Any suggestions?
Note: EMP ID is the accountID and accountName
We can go for transform in this case. But for flat file it is not a good idea to have create account, except certification campaign.
Hello,
I am not able to completely understand the scenario but in normal cases, if you want to create a EmployeeID in ISC, the way to create it is using Identity Attribute Cloud Rule or an Account Attribute Cloud Rule.
For the identity attribute cloud rule approach, you need to create an identity attr in identity profile and then, map it to the respective employeeID attribute in CREATE ACCOUNT of respective source.
For the 2nd approach, you dont require to create an identity attribute but generation of attribute will occur during account creation only in ISC.
For checking the uniqueness, you can use an extended search attribute for the same.
Refer the attached link for the same.
Extended Search Attribute and its Usage
How to Search Non-Indexed Account Attributes in IDN Rules for Uniqueness
Account Attribute Generator Cloud Rule
[Identity Attribute Rule.]
(Identity Attribute Rule | SailPoint Developer Community)
Thank You,
Regards,
Rohit
But in my case, we are trigging an API endpoint CREATE Account to create an account in Delimited file source (which is auth source).
Now, I want to set a employeeNumber for this record in delimited source.
Note: we user employeeNumber as native Identity
Hey @chandramohan27 Sorry to ask the obvious question but if you are using the create API why not send the employeeNumber with the create? Could you not generate the value before you hit the api and then just send it along? If you need data from SailPoint you should be able to get it from the relevant APIs or using the search API.
I agree with above creating accounts directly in the source may not be the best way though SailPoint does say this is ok sometimes for delimited file sources.
If you must proceed with the current query then I think you could create a workflow that fires on the Event Trigger Native Change Account Created for your delimited file source. Then have the workflow update the source perhaps using the PUT API call for Update Account. The API doc says this is only available for flat file but it might work for delimited files as well.
PUT API call works for delimited file source.
P.S this solution is to provide a overview of how i would do it.
Whenever creating an account on the source i would call an HTTP API (GET ACCOUNTS) and put a filter based on the source and include another parameter i.e count=true and also make sure that i am getting only 1 account to not overload the response from API (i.e setting limit and offset).
API: list-accounts | SailPoint Developer Community
Now what this is going to do is it will return a header called “X-Total count” which will tell you how many records exists in the source currently. Assume its giving 12 for now.
Next step while creating an account via workflow,
For the you will need a EMPID (which is created with logic of incrementing one to the last created account) So it creates always unique and incremental
In order to create EMPID, Use the api from mathjs (math.js web service)
TYPE: GET
ENDPOINT: https://api.mathjs.org/v4/?expr=12%2B1
%2B is equivalent to +
Result would be 12+1 = 13
Pass the respective accountCount that you got from get-accounts api and the incrementor (i.e 1)
You would get a value i.e (13)
Now just store that in some variable and send it during create account!
I would also try this once this is just a idea that i am sharing
Thanks
Update:
I was indeed able to create an account with the incremental numbers.
Workflow TEST Steps:
Account Created:
Just a idea that i wanted to explore…
Hello,
In case where the direct writebacks are not possible in case of your application lets say a Delimited file source. I would recommend you to create a PowerShell Script which will call the Modification User APIs of that application and update the required details in it.
It will pickup the same value in next aggregation which will be through flat file.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.
