How to create and process a plan from Business Process?

lfagua · November 30, 2023, 8:31pm

Which IIQ version are you inquiring about?

Version 8.3

Hi SailPoint Developer Community

I am trying to create a provisioning plan using a rule to update some identities attributes from a business process.
The code that I am using is :

import sailpoint.object.Identity;
import java.util.*;
import java.util.ArrayList;
import java.util.List;
import sailpoint.object.ProvisioningPlan;
import sailpoint.object.ProvisioningPlan.Operation;
import sailpoint.object.ProvisioningPlan.AccountRequest;
import sailpoint.object.ProvisioningPlan.AttributeRequest;
import sailpoint.object.ProvisioningProject;
import sailpoint.api.Provisioner;
import sailpoint.object.QueryOptions;
import sailpoint.api.SailPointContext;
import sailpoint.object.Filter;  

 if (identityName!= null){
          QueryOptions qo = new QueryOptions();
          qo.addFilter(Filter.eq("name",identityName));
          List users = context.getObjects(Identity.class,qo);                    
          if (users != null)
          {           
            Identity identity = (Identity) users.get(0);
          }
}

List requests = new ArrayList();
List attributes = new ArrayList();

ProvisioningPlan  plan = new ProvisioningPlan();

AccountRequest newreq = new AccountRequest();
newreq.setOperation(AccountRequest.Operation.Modify);
newreq.setApplication("IdentityIQ");
newreq.setNativeIdentity(identityName);

attributes.add(new AttributeRequest("company",  ProvisioningPlan.Operation.Set, "1"));
attributes.add(new AttributeRequest("inactive",  ProvisioningPlan.Operation.Set, true));

newreq.setAttributeRequests(attributes);
requests.add(newreq);

plan.setAccountRequests(requests);
plan.setIdentity(identity);
plan.setNativeIdentity(identityName);
plan.setTargetIntegration("IdentityIQ");

Provisioner provisioner= new Provisioner(context);
provisioner.setOptimisticProvisioning(true);
ProvisioningProject project =  provisioner.compile(plan);
provisioner.execute(plan);

// end

Through logs I sow that the plan is created correctly but it is not being executed.

Does anyone have a similar experience or any suggestions on how can I update some identities attributes from a business process?

Thanks for your help

kjakubiak · November 30, 2023, 8:38pm

Hi Felipe,

This part

you can replace with simple
Identity identity = context.getObjectByName(Identity.class,identityName);

This lines are not needed

This part

in some specific situations may cause problems. Instead of that I would suggest you just return plan from this step and pass it to next step which will call LCM Provisioning as subprocess.

Provisioner works fine with standard connectors but it will fail if you try to provision something via disconnected provisioning eg. to CSV file, it might be simmilar issue with loopback provisioning so I believe if you use LCM Provisioning as subprocess it should solve your problems.

lfagua · November 30, 2023, 9:47pm

Hi Kimil Thanks for your answer.

Do you know if this plan can be process by the same iiq (to update identity attributes) or is it only used for connectors ? If so, how can I specify it?

kjakubiak · November 30, 2023, 10:25pm

It should work OoTB but if you want in SSD you have Loopback connector which you can just install and treat IIQ as any other application.

KRM7 · December 1, 2023, 1:51pm

To update identity attributes, you can use below code

import sailpoint.object.Identity; //Import Identity class
  
  Identity identity = context.getObjectByName(Identity.class, "101010"); //construct identity object
  
  String locationBefore = identity.getAttribute("location");
  String departmentBefore = identity.getAttribute("department");
  
  String location = "USA";
  String department = "Modelling";
  
  identity.setAttribute("location", location); //set location attribute
  identity.setAttribute("department", department); ////set department attribute
  
  context.saveObject(identity); //Save the object
  context.commitTransaction(); //commit the transaction to DB

Please note that, if you have source mapping for identity attributes, data whatever you set through the code will be overridden.

lfagua · December 1, 2023, 7:30pm

Thanks for the code Krishna, when i use it, in logs i sow an identity lock error, but i fix it using:

import sailpoint.api.ObjectUtil;
ObjectUtil.unlockIdentity(context,identity );

and now it’s working

Thanks for your help

Topic		Replies	Views
Getting error in provisioning plan IIQ Discussion and Questions workflows , rules , identityiq , provisioning	10	438	August 30, 2024
AD-IQService Provisioning issue IIQ Discussion and Questions identityiq , provisioning	11	555	June 21, 2024
WebService Before Operation Rule, IdentityIQ IIQ Discussion and Questions webservice-connector , identityiq	5	517	August 19, 2024
Provisioning plan attributes ISC Discussion and Questions rules , provisioning	8	5381	July 19, 2023
IdentityNow ProvisioningPlan Issue: sailpoint.tools.GeneralException: Missing identity ISC Discussion and Questions identity-security-cloud , provisioning	10	488	November 30, 2024

How to create and process a plan from Business Process?

Which IIQ version are you inquiring about?

Related topics