An Admin can see the list of Machine Accounts a user owns by going to the user’s tab “Ownership” - “Machine Accounts” (see screenshot).
Is there any way to use a Transform to pull this corresponding data for a user?
I need an Identity Attribute which has a value “Y” or “N” depending on whether or not the user owns any Machine Accounts in our environment. My plan is to use this attribute in a Workflow Trigger so that the Workflow only kicks off if the user owns any Machine Accounts.
The Source we’re using for Machine Accounts is not actually a correlated source for the owners, so I am unable to pull account data through a correlated source in the user’s list of accounts.
I’m wondering if a Transform can check to see if a user owns a Machine account somehow - seeing as ownership is something the UI shows independent of a correlated list of accounts for the user.
You won’t get “owner” reliably with a Transform alone unless the owner value is already present in the same record/identity context you’re transforming. Transforms don’t do external lookups.
So you can try:
Bring an “owner hint” into the machine account during aggregation (ex: AD managedBy, a CMDB owner field, an app “technicalOwner” attribute) via Machine Account Attribute Mapping.
Use an event-triggered workflow (Machine Identity Created/Updated) to:
resolve that hint to a real ISC identity, then
PATCH the machine account and set ownerIdentity.
1) Find machine accounts that need an owner (example: owner missing)
Use Machine Accounts list with filters (standard collection filtering).
Filtering supports fields like ownerIdentity, ownerIdentityId, nativeIdentity, machineIdentity, source, etc. (so you can target exactly what you need).
2) Set/replace the owner on a machine account (JSON Patch)
ownerIdentity is patchable on /machine-accounts/{id}.
Use Machine Identity Created or Machine Identity Updated trigger to fire your workflow and do the resolution + patching. In practice: trigger → read machine identity/accounts → resolve owner → PATCH machine account owner.
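The flow described in the answer above (find machine accounts with no owner, resolve the owner hint to an identity, build the JSON Patch for `ownerIdentity`), as an added example that is not part of the original post and not SailPoint's own code. Assumptions: the `ownerHint` attribute name, the record shapes, the `replace` op and the `ownerIdentity` value shape are hypothetical, and all sample data is constructed; the code makes no API call and only builds the request path and body.

```python
# Added example: sample data below is constructed; field names are assumptions.
import json

IDENTITIES = [  # constructed identities the hint can resolve to
    {"id": "id-001", "name": "Alice Admin", "email": "alice@example.com"},
    {"id": "id-002", "name": "Bob Builder", "email": "bob@example.com"},
    {"id": "id-003", "name": "Bob Builder", "email": "bob.b@example.com"},
]
MACHINE_ACCOUNTS = [  # constructed; "ownerHint" is a hypothetical mapped attribute
    {"id": "ma-1", "ownerIdentity": None, "attributes": {"ownerHint": "alice@example.com"}},
    {"id": "ma-2", "ownerIdentity": None, "attributes": {"ownerHint": "Bob Builder"}},
    {"id": "ma-3", "ownerIdentity": {"type": "IDENTITY", "id": "id-002", "name": "Bob Builder"},
     "attributes": {"ownerHint": "alice@example.com"}},
    {"id": "ma-4", "ownerIdentity": None, "attributes": {}},
]

def resolve_owner(hint, identities):
    """Return the single identity matching the hint, or None if missing or ambiguous."""
    if not hint:
        return None
    wanted = hint.strip().lower()
    matches = [i for i in identities
               if wanted in (i["email"].lower(), i["name"].lower())]
    # Never guess between several candidates: an ambiguous hint assigns no owner.
    return matches[0] if len(matches) == 1 else None

def build_owner_patch(identity):
    """JSON Patch body setting ownerIdentity (op and value shape are assumptions)."""
    return [{"op": "replace", "path": "/ownerIdentity",
             "value": {"type": "IDENTITY", "id": identity["id"], "name": identity["name"]}}]

def plan_owner_patches(accounts, identities):
    """Split ownerless accounts into PATCH requests and ones needing manual review."""
    patches, unresolved = [], []
    for acct in accounts:
        if acct.get("ownerIdentity"):
            continue  # already owned: leave the existing owner alone
        owner = resolve_owner(acct["attributes"].get("ownerHint"), identities)
        if owner is None:
            unresolved.append(acct["id"])
        else:
            patches.append((f"/machine-accounts/{acct['id']}", build_owner_patch(owner)))
    return patches, unresolved

if __name__ == "__main__":
    patches, unresolved = plan_owner_patches(MACHINE_ACCOUNTS, IDENTITIES)
    for path, body in patches:
        print("PATCH", path, json.dumps(body))
    print("needs manual review:", unresolved)
```

Accounts whose hint is missing or matches more than one identity are returned for manual review instead of being patched, so a stale or ambiguous hint never assigns ownership to the wrong person.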