I’m trying to create workflow on test env for disabling account under certain condition.
The main trigger is a successfull aggregation on the specific source. When aggregation is completed it gets one Identity, checks specific attribute (might be any, it is just for test purpose). If attriubre value is equal to ‘Enabled’, the specific account should be disabled. Here is the diagram
here is a JSONPath for trigger
$[?($.source.id == “714d0496ec894cb9b9f0c80203cc8652” && $.status == “Success”)]
for get identity action I i picked specific identity from source which was triggered
Here is a JSONPath for operator
$.getIdentity.attributes.ldapstatus
equals
Enabled
here is a JSONPath for manage account action
$.getAccounts.accounts[?(@.sourceId==‘0878caf1edb74613aa6d4f2d84ea9c37’)].id
Executions were completed, but account for specific Identity was not disabled.
I assume, that there might be a problem after true operator. I tested the workflow using email notification action instead manage accounts, and email was sent to me.
Will you please support me in this matter?
In the future I’d like to make it for all identities from a specific source. Right now, to minimalize the side effects, I am making it only for one identity.
I am doing a similar thing except I am enabling accounts through a loop.
This is what my json path looks like. It might help you with the formatting.
$.loop.loopInput.accounts[?(@.source.id == “2c9180867c5b60ac017c70c751a37076”)].id
I do notice that there are some differences compared to the path you provided
You need to enclose expression in Manage Account section with {{ }}. That will resolve your issue. It is not in the documentation, but enclosing in double curly braces will surely resolve your issue.
Use {{ $.getAccounts.accounts[?(@.sourceId=="0878caf1edb74613aa6d4f2d84ea9c37")].id }}
Hello @kdfreeman
unfortunately it did not disable the account. I got this error
{“displayName”:“Manage Accounts”,“result”:{“accountsErrorDetails”:[{“accountID”:“{{ $.getAccounts.accounts[?(@.sourceId==‘d8322a2d7e3340a297d0891c37743036’)].id }}”,“errorMessage”:“request failed: 400 - 400 Bad Request (type: HTTP Response Returned a Client Error, retryable: false): request failed: 400 - 400 Bad Request”}],“failedAccounts”:[“{{ $.getAccounts.accounts[?(@.sourceId==‘d8322a2d7e3340a297d0891c37743036’)].id }}”],“successfulAccounts”:null},“stepName”:“manageAccounts”,“task”:“sp:manage-account”,“technicalName”:“Manage Accounts”}
hello @kdfreeman
I changed it and here is the result:
{“displayName”:“Manage Accounts”,“result”:{“accountsErrorDetails”:[{“accountID”:“{{ $.getAccounts.accounts[?(@.sourceId=="0878caf1edb74613aa6d4f2d84ea9c37")].id }}”,“errorMessage”:“request failed: 400 - 400 Bad Request (type: HTTP Response Returned a Client Error, retryable: false): request failed: 400 - 400 Bad Request”}],“failedAccounts”:[“{{ $.getAccounts.accounts[?(@.sourceId=="0878caf1edb74613aa6d4f2d84ea9c37")].id }}”],“successfulAccounts”:null},“stepName”:“manageAccounts”,“task”:“sp:manage-account”,“technicalName”:“Manage Accounts”}
