How Can I Configure Role Assignment Criteria of NULL or Empty String

I have a role that I want to define a condition that states if username attribute value is equals NULL or “” or EMPTY string. How do I define this in IDN?

Hello Adebolu,

I don’t think it’s possible to have null values in the Role Criteria Assignments, so that’s probably not the way to go.

What you can do is add a custom attribute to your Identity Profile that does the null check on the username attribute. This can be as simple as a boolean true/false. You can then map this attribute to your role criteria, and if the attribute is “true” (username is not null), then it should be provisioned.

This is probably the easiest solution I can come up with at the moment. Lmk what you think about it. (also if you need help writing transform let us know).

Hi @adebomol2024,

Another approach :

If you want to check if an account exist in a source, and if you have some kind of a pattern on the account attribute, you can directly use a “contains” in the account. Below is an example for AD.

What I can suggest is to create another Identity Attribute (say userNameExists) and using a transform set it’s value to true or false based on the condition if userName exists. Then you can use the new Identity Attribute in your role assignment criteria

Thanks folks. I’ll create a new identity attribute and transform to perform the nullcheck