How to create and process a plan from Business Process?

lfagua · November 30, 2023, 8:31pm

Which IIQ version are you inquiring about?

Version 8.3

Hi SailPoint Developer Community

I am trying to create a provisioning plan using a rule to update some identities attributes from a business process.
The code that I am using is :

import sailpoint.object.Identity;
import java.util.*;
import java.util.ArrayList;
import java.util.List;
import sailpoint.object.ProvisioningPlan;
import sailpoint.object.ProvisioningPlan.Operation;
import sailpoint.object.ProvisioningPlan.AccountRequest;
import sailpoint.object.ProvisioningPlan.AttributeRequest;
import sailpoint.object.ProvisioningProject;
import sailpoint.api.Provisioner;
import sailpoint.object.QueryOptions;
import sailpoint.api.SailPointContext;
import sailpoint.object.Filter;  

 if (identityName!= null){
          QueryOptions qo = new QueryOptions();
          qo.addFilter(Filter.eq("name",identityName));
          List users = context.getObjects(Identity.class,qo);                    
          if (users != null)
          {           
            Identity identity = (Identity) users.get(0);
          }
}

List requests = new ArrayList();
List attributes = new ArrayList();

ProvisioningPlan  plan = new ProvisioningPlan();

AccountRequest newreq = new AccountRequest();
newreq.setOperation(AccountRequest.Operation.Modify);
newreq.setApplication("IdentityIQ");
newreq.setNativeIdentity(identityName);

attributes.add(new AttributeRequest("company",  ProvisioningPlan.Operation.Set, "1"));
attributes.add(new AttributeRequest("inactive",  ProvisioningPlan.Operation.Set, true));

newreq.setAttributeRequests(attributes);
requests.add(newreq);

plan.setAccountRequests(requests);
plan.setIdentity(identity);
plan.setNativeIdentity(identityName);
plan.setTargetIntegration("IdentityIQ");

Provisioner provisioner= new Provisioner(context);
provisioner.setOptimisticProvisioning(true);
ProvisioningProject project =  provisioner.compile(plan);
provisioner.execute(plan);

// end

Through logs I sow that the plan is created correctly but it is not being executed.

Does anyone have a similar experience or any suggestions on how can I update some identities attributes from a business process?

Thanks for your help

kjakubiak · November 30, 2023, 8:38pm

Hi Felipe,

This part

you can replace with simple
Identity identity = context.getObjectByName(Identity.class,identityName);

This lines are not needed

This part

in some specific situations may cause problems. Instead of that I would suggest you just return plan from this step and pass it to next step which will call LCM Provisioning as subprocess.

Provisioner works fine with standard connectors but it will fail if you try to provision something via disconnected provisioning eg. to CSV file, it might be simmilar issue with loopback provisioning so I believe if you use LCM Provisioning as subprocess it should solve your problems.

lfagua · November 30, 2023, 9:47pm

Hi Kimil Thanks for your answer.

Do you know if this plan can be process by the same iiq (to update identity attributes) or is it only used for connectors ? If so, how can I specify it?

kjakubiak · November 30, 2023, 10:25pm

It should work OoTB but if you want in SSD you have Loopback connector which you can just install and treat IIQ as any other application.

MVKR7T · December 1, 2023, 1:51pm

To update identity attributes, you can use below code

import sailpoint.object.Identity; //Import Identity class
  
  Identity identity = context.getObjectByName(Identity.class, "101010"); //construct identity object
  
  String locationBefore = identity.getAttribute("location");
  String departmentBefore = identity.getAttribute("department");
  
  String location = "USA";
  String department = "Modelling";
  
  identity.setAttribute("location", location); //set location attribute
  identity.setAttribute("department", department); ////set department attribute
  
  context.saveObject(identity); //Save the object
  context.commitTransaction(); //commit the transaction to DB

Please note that, if you have source mapping for identity attributes, data whatever you set through the code will be overridden.

lfagua · December 1, 2023, 7:30pm

Thanks for the code Krishna, when i use it, in logs i sow an identity lock error, but i fix it using:

import sailpoint.api.ObjectUtil;
ObjectUtil.unlockIdentity(context,identity );

and now it’s working

Thanks for your help

system · January 30, 2024, 7:31pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Getting Started with SailPoint IIQ Development Community Blog identityiq	6	1436	April 16, 2024
Custom Workflows IIQ Discussion and Questions workflows , identityiq	5	268	March 24, 2024
Provisioning Active directory account (Account Creation) using a rule IIQ Discussion and Questions rules , identityiq , provisioning	6	962	December 22, 2023
Create Active Directory Group - Entitlement Update Worklofw IIQ Discussion and Questions workflows , identityiq , entitlements	6	538	January 29, 2024
Use an xml provisioning plan to add the same role to different identities IIQ Discussion and Questions identityiq , provisioning , attributes	4	173	April 23, 2024

How to create and process a plan from Business Process?

Which IIQ version are you inquiring about?

Related Topics