I am trying to understand the correct formatting guidelines for delimited sources that have muiltiple multi-valued entitlements.

Based on the documentation when handling a single multi-valued attribute, you’re supposed to preformat the results to enumerate each item and duplicate the rest of the information, but what if there’s multiple multivalued attributes?

There’s different logical approaches to this problem, but we’re trying to understand the correct scope to ensure optimization and consistent results with all of the subprocessing within ISC to ensure entitlements are aggregated appropriately along with the correlation of those entitlements for each account.

So far we’ve identified the following possible solutions, but can’t decide which is best (ideal) for this use case and what ISC requires from a file-structure and multi-valued attribute approach.

Import Option A: Repeated items out-of-order

Import Option B: Repeat previous value

Import Option C: Structured to not repeat values

You could use a different delimiter such as a Pipe symbol “|” for multiple values. This way you have one row per Identity record. You would need a transform for each attribute that is allowed to have multiple values. With a velocity script you could parse the data out.

{
  "attributes": {
    "pipeDelimitedString": "apple|banana|cherry|date",
    "value": "#set($fruits = $pipeDelimitedString.split('\\|'))$fruits[2]"
  },
  "type": "static",
  "name": "Pipe Delimited Split Example"
}

If one attribute / column is jobCode and you need to use it for role membership criteria, as part of the transform you could encapsulate the different jobCode values In squirly braces “{}”. Example: 504|503|509 could be transformed to an all job codes IDN attribute as {504}{503}{509}.

Following this:

I"m not sure transforms are relative to Entitlement aggregations. Or at least the Create Account profile and mapping identity attributes.

In this case, I have an export from the application (non-authoritative), but need to format the data prior to importing the file, and understand the correct way to enumerate multiple multi-valued entitlements for the accounts.

Uhggg, sorry totally missed this is for entitlements.

Since you have control of the data file, another option that you might try is using the SQL Loader connector. While this connector does have some limitations, you should be able to have your entitlements separate from your users and combine them with a sql query.

For example:
USERS.CSV
FirstName, LastName, Login
User, A, [email protected]
User B, [email protected]

TEAMS.CSV
Login, Team
[email protected], TeamA
[email protected], TeamB
[email protected], TeamC
[email protected], TeamA

ROLES.CSV
Login, Role
[email protected], Role-B
[email protected], Role-C
[email protected], Role-A
[email protected], Role-D

Then you could make a select statement like:
select FirstName,LastName,Login,Teams,Roles
from users,teams,roles
where users.login=teams.login and users.login=roles.login.

Alicia

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.