Delta Aggregation Settings and Common Configuration

DocsTeam · June 3, 2024, 6:40am

In the Connection Timeout (in seconds) field, enter the connection timeout value in seconds.

This is the companion discussion topic for the documentation at https://documentation.sailpoint.com/connectors/webservices/help/integrating_webservices/delta_aggregation_settings_and_common_configuration.html

neilhowell-sydneyuni · August 2, 2024, 7:53am

Please update the original document to include this information, it may save people hours of troubleshooting erorrs with privatekeys.

To convert the .key file to a compatible RSA PEM file you may need to add
-traditional to the end of the command.
openssl rsa -in currentprivatekey.key -out newprivatekey-with-rsa.pem -traditional

As per this post
(ssl - How to convert a private key to an RSA private key? - Stack Overflow)

Newer versions of OpenSSL say BEGIN PRIVATE KEY because they contain the private key + an OID that identifies the key type (this is known as PKCS8 format). To get the old style key (known as either PKCS1 or traditional OpenSSL format) you can do this:

openssl rsa -in server.key -out server_new.key

If you are using OpenSSL 3, you need to add -traditional

openssl rsa -in server.key -out server_new.key -traditional

Alternately, if you have a PKCS1 key and want PKCS8:

openssl pkcs8 -topk8 -nocrypt -in privkey.pem

gmilunich · June 2, 2025, 2:52pm

THe Delta Aggregation and Common Configuration sections should be split into their own sections to follow your existing pattern, and to make the Common Configuration easier to find, since it is not related to Delta Aggregation.

gmilunich · June 2, 2025, 2:59pm

Can you expand the Common Configuration examples for using a Boolean Value, assuming it still works.

We have an client who has configured a Boolean Attribute in their schema, ie. “accounttIsActive”, and set the “Account Enable Status Attribute” to be “accounttIsActive=true”. However, after aggregating the values, the Account “Status” attribute still shows as “Enabled” in the UI for all users, even those with “accounttIsActive=false”.

Questions I would have:

Do Boolean values require a different format?
Do the boolean values require case-sensitive formatting? If so, which?
Is there something else needed for this to be processed? If this is set after the initial aggregation, is an unoptimized Aggregation required?

gmilunich · June 2, 2025, 3:01pm

Just tried the API call to aggregate with disableOptimization set to true, and it did not change the value.

gmilunich · June 2, 2025, 3:24pm

In the Common Settings section, the Note under #3 has the following line under the 3rd bullet point:

This feature’s supported types are string , integer , and Boolean .

This should probably be part of the primary information in the #3 bullet point, or at minimum, it’s own bullet point under the note (ideally first, if this is the case.)

joshb488 · June 2, 2025, 5:50pm

Hi Geoff! Thank you for all your input. I’ve created a Jira issue to track the effort for all of this and I’ll update the comment thread when it’s been addressed: CONDOCS-6931

Topic		Replies	Views
API Token Connectivity Documentation Feedback saas-con-docs	3	32	July 29, 2024
Basic Connectivity Documentation Feedback saas-con-docs	2	71	June 14, 2024
ADP HR Source Failure-Certificate and Private key Format ISC Discussion and Questions webservice-connector , apis , identity-security-cloud , certifications	3	394	June 24, 2024
TLS: AD certificate issue between VA and AD ISC Discussion and Questions identity-security-cloud , connectors	13	505	November 2, 2024
Certificate Authentication for Webservice connector IIQ Discussion and Questions webservice-connector , apis , identityiq	3	587	March 17, 2024

Delta Aggregation Settings and Common Configuration

Related topics