How to create and process a plan from Business Process?

lfagua · November 30, 2023, 8:31pm

Which IIQ version are you inquiring about?

Version 8.3

Hi SailPoint Developer Community

I am trying to create a provisioning plan using a rule to update some identities attributes from a business process.
The code that I am using is :

import sailpoint.object.Identity;
import java.util.*;
import java.util.ArrayList;
import java.util.List;
import sailpoint.object.ProvisioningPlan;
import sailpoint.object.ProvisioningPlan.Operation;
import sailpoint.object.ProvisioningPlan.AccountRequest;
import sailpoint.object.ProvisioningPlan.AttributeRequest;
import sailpoint.object.ProvisioningProject;
import sailpoint.api.Provisioner;
import sailpoint.object.QueryOptions;
import sailpoint.api.SailPointContext;
import sailpoint.object.Filter;  

 if (identityName!= null){
          QueryOptions qo = new QueryOptions();
          qo.addFilter(Filter.eq("name",identityName));
          List users = context.getObjects(Identity.class,qo);                    
          if (users != null)
          {           
            Identity identity = (Identity) users.get(0);
          }
}

List requests = new ArrayList();
List attributes = new ArrayList();

ProvisioningPlan  plan = new ProvisioningPlan();

AccountRequest newreq = new AccountRequest();
newreq.setOperation(AccountRequest.Operation.Modify);
newreq.setApplication("IdentityIQ");
newreq.setNativeIdentity(identityName);

attributes.add(new AttributeRequest("company",  ProvisioningPlan.Operation.Set, "1"));
attributes.add(new AttributeRequest("inactive",  ProvisioningPlan.Operation.Set, true));

newreq.setAttributeRequests(attributes);
requests.add(newreq);

plan.setAccountRequests(requests);
plan.setIdentity(identity);
plan.setNativeIdentity(identityName);
plan.setTargetIntegration("IdentityIQ");

Provisioner provisioner= new Provisioner(context);
provisioner.setOptimisticProvisioning(true);
ProvisioningProject project =  provisioner.compile(plan);
provisioner.execute(plan);

// end

Through logs I sow that the plan is created correctly but it is not being executed.

Does anyone have a similar experience or any suggestions on how can I update some identities attributes from a business process?

Thanks for your help

kjakubiak · November 30, 2023, 8:38pm

Hi Felipe,

This part

you can replace with simple
Identity identity = context.getObjectByName(Identity.class,identityName);

This lines are not needed

This part

in some specific situations may cause problems. Instead of that I would suggest you just return plan from this step and pass it to next step which will call LCM Provisioning as subprocess.

Provisioner works fine with standard connectors but it will fail if you try to provision something via disconnected provisioning eg. to CSV file, it might be simmilar issue with loopback provisioning so I believe if you use LCM Provisioning as subprocess it should solve your problems.

lfagua · November 30, 2023, 9:47pm

Hi Kimil Thanks for your answer.

Do you know if this plan can be process by the same iiq (to update identity attributes) or is it only used for connectors ? If so, how can I specify it?

kjakubiak · November 30, 2023, 10:25pm

It should work OoTB but if you want in SSD you have Loopback connector which you can just install and treat IIQ as any other application.

MVKR7T · December 1, 2023, 1:51pm

To update identity attributes, you can use below code

import sailpoint.object.Identity; //Import Identity class
  
  Identity identity = context.getObjectByName(Identity.class, "101010"); //construct identity object
  
  String locationBefore = identity.getAttribute("location");
  String departmentBefore = identity.getAttribute("department");
  
  String location = "USA";
  String department = "Modelling";
  
  identity.setAttribute("location", location); //set location attribute
  identity.setAttribute("department", department); ////set department attribute
  
  context.saveObject(identity); //Save the object
  context.commitTransaction(); //commit the transaction to DB

Please note that, if you have source mapping for identity attributes, data whatever you set through the code will be overridden.

lfagua · December 1, 2023, 7:30pm

Thanks for the code Krishna, when i use it, in logs i sow an identity lock error, but i fix it using:

import sailpoint.api.ObjectUtil;
ObjectUtil.unlockIdentity(context,identity );

and now it’s working

Thanks for your help

system · January 30, 2024, 7:31pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Add workitems comment in a workflow IIQ Discussion and Questions workflows , identityiq	8	96	October 7, 2024
Role Assigment Dates IIQ Discussion and Questions identityiq	6	265	August 24, 2024
Need to create an Identity in SailPoint IIQ using Sub process workflow IIQ Discussion and Questions identityiq	7	86	October 8, 2024
Adding Members into Office365 Group IIQ Discussion and Questions identityiq , provisioning	7	44	November 18, 2024
Updating role information in database using global provisioning rule IIQ Discussion and Questions rules , identityiq , provisioning , access-requests , jdbc-connector	5	66	December 21, 2024

How to create and process a plan from Business Process?

Which IIQ version are you inquiring about?

Related topics