Deleted Source but accounts still attached to identities

UCChris · July 1, 2024, 1:39pm

I deleted a source that had many accounts correlated to identities. I accidentally did not reset the accounts before deleting the source. This left all of the accounts still correlated to the identities even though the source is gone. I can remove these accounts manually but there are over 100,000 of them. I have tried many of the API’s and none of them work. I do have the old sourceID of this application but I dont know how to have all of these accounts deleted from the identities.

shaileeM · July 1, 2024, 2:04pm

Hi @UCChris

You can get the list of accountIDs using the sourceId of the deleted source and then use remove account API to remove/uncorrelate the account from the identities one by one. You can use postman scripts to do that.

POST https://<tenant>.api.identitynow.com/beta/accounts/<account id>/remove

Thanks,
Shailee

UCChris · July 1, 2024, 3:05pm

Thanks Shailee,

I ran POST https://.api.identitynow.com/v3/accounts?sourceId=:id

This gave me a large json object.

I don’t see the end point you pasted above in my API BETA collection.

I see DELETE https://.api.identitynow.com/beta/accounts/:id

Am I missing something?

shaileeM · July 2, 2024, 3:21am

Hi @UCChris ,

Yes, Remove Account API is not available in the postman, you can duplicate the Unlock account API and change the API as below :

https://.api.identitynow.com/beta/accounts/:id/remove

Please make sure that the HTTP method is POST

This API works fine.

vguleria · July 2, 2024, 8:04am

Hi @UCChris

Yes, I agree with @shaileeM, you will need to use the REMOVE endpoint to make sure that accounts are removed from IdentityNow’s knowledge space.

In general, i would advice to run first source reset (for both account and entitlement ) before source delete so that they do not need to be processed manually later.

Thank You.
Regards
Vikas.

ashutosh08 · July 3, 2024, 4:58pm

@UCChris,

You can use below two API in combination and create a simple script to get the ID’s in code and then trigger the removal using the other API.

In the get account you can restrict the return of account by giving source ID.

https://sailpoint.api.identitynow.com/v3/accounts

https://sailpoint.api.identitynow.com/v3/accounts/:id

Let us know if further input is needed.

Thanks

system · September 6, 2024, 1:07pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Endpoint for 'remove account' ISC Discussion and Questions	7	1142	July 19, 2023
How to remove accounts from Identity ISC Discussion and Questions aggregation	1	462	July 19, 2023
How to keep the identities although the account is deleted from Source of Truth ISC Discussion and Questions	12	1266	July 19, 2023
Remove an account from identity ISC Discussion and Questions identity-security-cloud	4	199	July 20, 2024
IDN delete accounts on connected systems? ISC Discussion and Questions identity-security-cloud , provisioning , connectors	2	131	August 18, 2024

Deleted Source but accounts still attached to identities

https://sailpoint.api.identitynow.com/v3/accounts

https://sailpoint.api.identitynow.com/v3/accounts/:id

Related topics