SailPoint IIQ 8.4
Hi All,
I have a custom requirement where i need to remove pending access requests for an identity. Can someone provide a snippet how to delete a pending identity request to try out in rule.
Hi
Pending IdentityRequest may have a workflowCase associated with it so you may want also look in to that and delete those workflow cases (any outstanding workItems will get deleted automatically).
Having said that here is the sample code:
Terminator terminator = new Terminator(context);
terminator.deleteObjects(IdentityRequest.class,
new QueryOptions(Filter.or(Filter.eq("targetId", identity.getId()),
Filter.eq("targetDisplayName",
identity.getDisplayName()))));
This will delete ALL Identity requests so you may want to throw in a filter to filter out the ones that are not finished.
(Will you be able to add that on your own?)
You can utilize the below code to delete the IdentityRequest that is in pending state.
This code will find the IdentityRequest that is in Pending for the last 5 days then delete those IdentityRequest.
import sailpoint.object.IdentityRequest;
import sailpoint.object.QueryOptions;
import sailpoint.object.Filter;
import java.util.List;
// Calculate cutoff date (5 days ago)
long millisInDay = 24L * 60 * 60 * 1000;
Date cutoffDate = new Date(System.currentTimeMillis() - (5L * millisInDay));
QueryOptions qo = new QueryOptions();
qo.add(Filter.eq("executionStatus", "Executing"));
// Comment the below line if you do not want to add filter for the days.
qo.add(Filter.lt("created", cutoffDate));
List requests = context.getObjects(IdentityRequest.class, qo);
int deleted = 0;
if (requests != null && !requests.isEmpty()) {
Terminator terminator = new Terminator(context);
for (Object obj : requests) {
IdentityRequest req = (IdentityRequest) obj;
terminator.deleteObject(req); // safe delete with child cleanup
deleted++;
}
}
return "Deleted " + deleted + " pending IdentityRequests older than 5 days.";
Thanks @aleksander_jachowicz .
Great, Thank you Manish.