salam1
(Shajedul Alam)
December 15, 2022, 9:33pm
1
Hi everyone,
I am trying to build a transform. The identity has two managers. Both of them are identity attributes. One of them is called “Manager Overseas” and the other is “Manager in house”. I am trying to get the identity’s overseas Manager and then bring in the ID(identity attribute) of the overseas manager.
Example:
User: John Smith
User’s manager overseas (identity attribute): Bella Bee
User’s Manager in house (Identity attribute): Rose Shime
Bella Bee’s ID (Identity attribute): 00512321
User’s overseas manager ID : 00512321 (Desired outcome for user’s new Identity attribute)
So far I have tried this below and it is not working. Any suggestions would really help! Thank you!!
{
"attributes": {
"ignoreErrors": "true",
"values": [
{
"attributes": {
"value": "$identity.useroverseamanager.attributes.Id"
},
"type": "static"
},
""
]
},
"name": "user overseas manager id",
"type": "firstValid"
}
salam1
(Shajedul Alam)
December 21, 2022, 4:28pm
2
Hey guys,
I have tried using a specific uid value and that worked. Then i tried inputing an attribute name to dynamically search for the user’s overseas manager.
Transform that worked:
{
"attributes": {
"name": "Cloud Services Deployment Utility",
"operation": "getReferenceIdentityAttribute",
"uid": "[email protected] ",
"attributeName": "salesforceId"
},
"type": "rule",
"name": "user overseas Manager ID"
}
Transform to dynamically look up didn’t work:
{
"attributes": {
"name": "Cloud Services Deployment Utility",
"operation": "getReferenceIdentityAttribute",
"uid": {
"attributes": {
"attributeName": "usersManagerOverseas",
"sourceName": "Workday Production"
},
"type": "accountAttribute"
},
"attributeName": "salesforceId"
},
"type": "rule",
"name": "user overseas Manager ID"
}
Could you please suggest if there is anything to achieve this?
Hello @salam1 ,
I don’t believe this can be accomplished via a transform.
I believe you can accomplish this with an Identity Attribute rule .
The rule would look similar to below.
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule name="Example Rule" type="IdentityAttribute">
<Description>Describe your rule here.</Description>
<Source><![CDATA[
import sailpoint.object.*;
if (identity != null) {
Identity manager = identity.getManager();
if (manager != null && manager.getAttribute("salesforceId") != null && !manager.getAttribute("salesforceId").isEmpty()){
return manager.getAttribute("salesforceId");
}
else {
return "";
}
}
]]></Source>
</Rule>
1 Like
salam1
(Shajedul Alam)
March 14, 2023, 1:38pm
4
Thank you so much! Yes, identity attribute rule makes sense.
1 Like