Please be sure you’ve read the docs and API specs before asking for help. Also, please be sure you’ve searched the forum for your answer before you create a new topic.
Hello All,
I am putting together a workflow to notify my team when a native change is made on an Azure tenant. I am trying to make the response as simple as I can to help the process along. The context for the email that is being sent is:
"body": "<p>${accountName} has been updated on ${source} outside of SailPoint ISC</p>\n<p style=\"padding-left: 40px;\">Attributes: ${singAttrChg} | </p> \n<p style=\"padding-left: 60px;\">${multAttrChg}</p>\n<p style=\"padding-left: 40px;\">Entitlements Added: ${entAdd}</p>\n<p style=\"padding-left: 40px;\">Entitlements Removed: ${entRemove}</p>\n<p>Please investigate if this was an approved change. If not, then remove the access and advise the end-user to make the change using the proper channels.</p>",
"context": {
"accountName.$": "$.trigger.account.name",
"entAdd.$": "$.trigger.entitlementChanges.added.name",
"entRemove.$": "$.trigger.entitlementChanges.removed.name",
"multAttrChg.$": "$.trigger.multiValueAttributeChanges.add.name",
"singAttrChg.$": "$.trigger.singleValueAttributeChanges.remove.name",
"source.$": "$.trigger.source.name"
I can get all of the native changes by just using “$.trigger.entitlementChanges”, “$.trigger.multValueAttributeChange“, and “$.trigger.singleValueAttributeChange“. however, my fear is our support team may just look at what is returned and ignore it because it is not user friendly. Here is the example from the test output
Attributes: ${singAttrChg} |
{addedValues=[cn=g4,ou=groups,dc=acme,dc=com], name=memberOf, removedValues=[cn=g1,ou=groups,dc=acme,dc=com]}
Entitlements Added (${entAdd}): {added=[{id=f3638e0d-2c0d-4731-8e4b-04ebb7aeea94, name=User group, owner={id=ee769173319b41d19ccec6cea52f237b, name=John Doe, type=IDENTITY}, value=User}], attributeName=groups, removed=[{id=69bb2859-19f7-40db-a81d-e57ee31ac485, name=Manager group, owner={id=ee769173319b41d19ccec6cea52f237b, name=John Doe, type=IDENTITY}, value=Manager}]}
Entitlements Removed(${entRemove}): {added=[{id=f3638e0d-2c0d-4731-8e4b-04ebb7aeea94, name=User group, owner={id=ee769173319b41d19ccec6cea52f237b, name=John Doe, type=IDENTITY}, value=User}], attributeName=groups, removed=[{id=69bb2859-19f7-40db-a81d-e57ee31ac485, name=Manager group, owner={id=ee769173319b41d19ccec6cea52f237b, name=John Doe, type=IDENTITY}, value=Manager}]}
What I am looking to do is just return the name of what was changed in an easy to read format.
Any thought if this is possible?