Error in Removing Entitlement Json Body

saikumarS · August 11, 2025, 5:07pm

Hi Everyone,

Im trying to remove entitlement “ABC” from all identities who currently have it from workflow.

Seeing Error in manage Access trigger:

{“locale”:“und”,“localeOrigin”:“REQUEST”,“text”:“Referenced RequestedFor Identity/Identities {{$.loopThroughIdentities.loopInput.identityId}} was/were not found.”},{“locale”:“en-US”,“localeOrigin”:“DEFAULT”,“text”:“Referenced RequestedFor Identity/Identities {{$.loopThroughIdentities.loopInput.identityId}} was/were not found.”}],“causes”:}",

Json Body that i’m passing :

{
“requestedFor”: [
“{{$.loopThroughIdentities.loopInput.identityId}}”
],
“requestedItems”: [
{
“type”: “ENTITLEMENT”,
“id”: “e7987bfd753f4a3481718cb895cebee2”,
“comment”: “Requesting Removal of group Test computer group”
}
],
“requestType”: “REVOKE_ACCESS”
}

iamnithesh · August 11, 2025, 5:28pm

Use `$.loopInput.identityId` instead

saikumarS · August 11, 2025, 5:33pm

Hi @iamnithesh ,

Added the same and seeing below error.

{
“errorMessage”: “task failed: activity error (type: sp:external:http:v2, scheduledEventID: 5, startedEventID: 6, identity: 1@sp-workflow-worker-stg-us-east-1-586d6b75c-w7fnq@sp-workflow-engine): request failed (type: HTTP Response Returned a Client Error, retryable: false): request failed: 400 - 400 Bad Request - {“detailCode”:“400.1.404 Referenced object not found”,“trackingId”:“342e57b62cef4798b1d1db52a867dc1b”,“messages”:[{“locale”:“und”,“localeOrigin”:“REQUEST”,“text”:“Referenced RequestedFor Identity/Identities {{$.loopInput.identityId}} was/were not found.”},{“locale”:“en-US”,“localeOrigin”:“DEFAULT”,“text”:“Referenced RequestedFor Identity/Identities {{$.loopInput.identityId}} was/were not found.”}],“causes”:}”,
“payload”: null
},

iamnithesh · August 11, 2025, 5:39pm

Can you share the json of your workflow?

YanCoelho · August 11, 2025, 5:41pm

$.loop.loopInput.id

$.loop.context.uid

Doesn’t matter how you name your loop the syntax will always be the same.

saikumarS · August 11, 2025, 5:42pm

Here it is

RemoveSMTPGroup20250811 (9).json (2.7 KB)

saikumarS · August 11, 2025, 6:00pm

Thank you @YanCoelho @iamnithesh ,

After changing the loop syntax , workflow got executed successfully with out any errors. However ,Entitlement is not removed.

RemoveSMTPGroupExecution20250811 (4).json (14.1 MB)

iamnithesh · August 11, 2025, 6:11pm

`$.loop.loopInput.id`

saikumarS · August 11, 2025, 6:20pm

Getting error for $.loopInput.identityId and $.loop.loopInput.id is working. However entitlement is not removing.

iamnithesh · August 11, 2025, 6:59pm

If entitlement is assigned via a Role, it will not be removed by REVOKE_ACCESS request, and the request will throw an error

saikumarS · August 12, 2025, 4:44am

It is direct entitlement ,We are assigning this entitlement t trigger afterModify rule

baoussounda · August 12, 2025, 10:22am

This workflow works.

RemoveEntitmentV220250812.json (2,0 Ko)

Parameter to replace :

creator with your workflow owner informations or import json with vscode
Get identity filter query : “@access(name:“Your entilement name”)”,
Replace entitlement ID with the correct one in Remove Access JSON Body

Topic		Replies	Views
Remove all entitlements with workflow ISC Discussion and Questions workflows , identity-security-cloud	6	1877	December 25, 2023
Entitlement removal workflow issue ISC Discussion and Questions workflows , identity-security-cloud , provisioning , entitlements	3	442	January 13, 2024
Unable to reference identity ID in loop context ISC Discussion and Questions workflows , identity-security-cloud	3	569	December 25, 2023
Workflow to remove access by identity based on special conditions ISC Community Knowledge Base workflows , identity-security-cloud	14	1710	August 7, 2025
Scheduled Removal of specific Entitlement(Test Group) from identities via workflow ISC Discussion and Questions identity-security-cloud	9	60	August 11, 2025

Error in Removing Entitlement Json Body

Related topics