Google provisioning policy - Transform building JSON

PiotrP · February 19, 2024, 5:06pm

Hi,

I am trying to create a Create Provisioning Policy for Google Workspace.
I am preparing a Transform that will create Complex Provisioning Policy Attributes. These attributes must be in JSON format eg…:
{“name”: “Sailpoint”, “title”: “SysAdmin”, “type”: “work”, “customType”:“”, “department”: “DP Operations”, “location”: “Pune”}.
https://documentation.sailpoint.com/connectors/g_suite/help/integrating_g_suite/complex_provisioning_pol.html

And question:
How to build something like this in Transform?
How to escape JSON elements like: {, ", :

iamology · February 19, 2024, 5:09pm

JSON can be stored as a string by using escape characters wherever required
this json
{"address":"[email protected]","type":"other"}
will look like
"{\"address\":\"[email protected]\",\"type\":\"other\"}"
when stored as a string

Swegmann · February 20, 2024, 2:32pm

Is there any good converter online for this? Always doing it manually right now…

iamology · February 20, 2024, 2:33pm

PiotrP · February 20, 2024, 2:53pm

Thank you, this looks obvious. Now

PiotrP · February 27, 2024, 3:15pm

Hi @iamology,
Unfortunately it doesn’t work, maybe there is something wrong in another part of transform

{
“name”: “relations”,
“transform”: {
“type”: “static”,
“attributes”: {
“managersMail”: {
“type”: “firstValid”,
“attributes”: {
“values”: [
“$identity.getManager().getStringAttribute(‘email’)”,
“no manager exists”
]
}
},
“value”: “{"value": "$managersMail","type": "manager"}”
}
},
“attributes”: {
“cloudDelimiter”: “,”,
“cloudRequired”: “true”
},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: true
},
Error message:
400 Error - Invalid JSON payload received. Unexpected token. lations": [[{value: tomasz.iksinski@ ^

mehuljogi · February 27, 2024, 8:13pm

Hello Piotr Pacholski,

First of all, welcome to the SailPoint Developer Community.
Can you please share the whole transform?

iamnithesh · February 27, 2024, 8:36pm

When I copied the contents from your post in Notepad++ this is what it showed

And had to be corrected as below:

Hope this helps you fix the issue

PiotrP · February 28, 2024, 7:53am

I don’t know why it wasn’t backslashes in the code - i try markdown.
Attaching whole policy, but difference from default is only i one attribute:

{
    "name": "account",
    "description": null,
    "usageType": "CREATE",
    "fields": [
        {
            "name": "objectType",
            "transform": {
                "type": "static",
                "attributes": {
                    "value": "user"
                }
            },
            "attributes": {},
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        },
        {
            "name": "familyName",
            "transform": {
                "type": "identityAttribute",
                "attributes": {
                    "name": "lastname"
                }
            },
            "attributes": {
                "cloudRequired": "true"
            },
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        },
        {
            "name": "givenName",
            "transform": {
                "type": "identityAttribute",
                "attributes": {
                    "name": "firstname"
                }
            },
            "attributes": {
                "cloudRequired": "true"
            },
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        },
        {
            "name": "password",
            "transform": {
                "type": "rule",
                "attributes": {
                    "name": "Create Password"
                }
            },
            "attributes": {
                "cloudRequired": "true"
            },
            "isRequired": false,
            "type": "secret",
            "isMultiValued": false
        },
        {
            "name": "primaryEmail",
            "transform": {
                "type": "identityAttribute",
                "attributes": {
                    "name": "email"
                }
            },
            "attributes": {
                "cloudRequired": "true"
            },
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        },
        {
            "name": "relations",
            "transform": {
                "type": "static",
                "attributes": {
                    "managersMail": {
                        "type": "firstValid",
                        "attributes": {
                            "values": [
                                "$identity.getManager().getStringAttribute('email')",
                                "no manager exists"
                            ]
                        }
                    },
                    "value": "{\"value\": \"$managersMail\",\"type\": \"manager\"}"
                }
            },
            "attributes": {
                "cloudDelimiter": ",",
                "cloudRequired": "true"
            },
            "isRequired": false,
            "type": "string",
            "isMultiValued": true
        },
        {
            "name": "domainName",
            "transform": {
                "type": "static",
                "attributes": {
                    "value": ""
                }
            },
            "attributes": {},
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        },
        {
            "name": "projectId",
            "transform": {
                "type": "static",
                "attributes": {
                    "value": ""
                }
            },
            "attributes": {},
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        },
        {
            "name": "serviceAccountId",
            "transform": {
                "type": "static",
                "attributes": {
                    "value": ""
                }
            },
            "attributes": {},
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        },
        {
            "name": "displayName",
            "transform": {
                "type": "identityAttribute",
                "attributes": {
                    "name": "displayName"
                }
            },
            "attributes": {
                "cloudRequired": "true"
            },
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        }
    ]
}

PiotrP · February 28, 2024, 12:02pm

OK, problem solved.
In my case working syntax is:
"value": "{'value': '$workPhone','type': 'work'}"

enyway thanks for help

system · April 28, 2024, 12:02pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Provisioning Policy with Transform ISC Discussion and Questions transforms , identity-security-cloud , provisioning	3	242	February 17, 2024
Provision SCIM enterprise schema attributes ISC Discussion and Questions scim-connector , identity-security-cloud , provisioning	8	381	June 28, 2023
Coding transforms - referencing entitlement objects and attributes whilst provisioning ISC Discussion and Questions transforms , identity-security-cloud , provisioning , entitlements	7	457	March 8, 2024
Create Provisioning Policy Transform ISC Discussion and Questions transforms , identity-security-cloud , provisioning	2	215	March 9, 2024
Create Account API Clarifications ISC Discussion and Questions apis , identity-security-cloud , accounts	14	413	December 10, 2023

Google provisioning policy - Transform building JSON

Related Topics