Hey, i see that you are iterating over the attributeRequest to get certain attribute value. Try the code snippet below and letme know if that works for you
for (AccountRequest accReq : Util.iterate(provisioningPlan.getAccountRequests())) {
for (ProvisioningPlan.AttributeRequest attReq : Util.iterate(accReq.getAttributeRequests())) {
if(null!=attReq){
String attrName = attReq.getName();
if (null!=attrName && attrName.equalsIgnoreCase("accountStatus")) {
String accountStatus = attReq.getValue();
}
}
}
}
Instead of using String accountStatus = plan.getStringAttribute("accountStatus");, you should iterate through the accountRequest and use AttributeRequest to retrieve the value. It would look something like this:
for (AttributeRequest attributeRequest : Util.iterate(accReq .getAttributeRequests())) {
String name = attributeRequest.getName();
String value = attributeRequest.getValue();
}
and you dont need to use this ProvisioningPlan plan = context.getPlan(); , the provisioningPlan variable is already an input which you can use.
Okay so just to confirm the attribute accoutStatus, that you are looking for, is that a part of plan?
If not then you will have to add it to the plan. From connector rules we cannot get the identity account attributes directly in order to get that first you will have to either include that attribute into the plan and then use.
I tried this, but when I save de beforeRule, an error occurs:
(AxiosError: Request failed with status code 400)
import sailpoint.api.SailPointContext;
import sailpoint.object.Application;
import sailpoint.object.Identity;
import sailpoint.object.Link;
import sailpoint.object.ProvisioningPlan;
import sailpoint.object.ProvisioningPlan.AccountRequest;
import sailpoint.object.ProvisioningPlan.AttributeRequest;
import sailpoint.object.Schema;
import sailpoint.tools.Util;
Identity identity = plan.getIdentity();
String identityName = identity.getName();
// Get the SailPointContext
SailPointContext context = sailpoint.api.SailPointFactory.getCurrentContext();
// Iterate through the account requests in the provisioning plan
for (AccountRequest accReq : Util.iterate(plan.getAccountRequests())) {
Application application = context.getObject(Application.class, accReq.getApplicationId());
String nativeIdentity = accReq.getNativeIdentity();
// Get the link for the account
Link link = identity.getLink(application);
if (link != null) {
// Get the account attributes from the link
Map accountAttributes = link.getAttributes();
// Retrieve the "accountStatus" attribute value
String accountStatus = (String) accountAttributes.get("accountStatus");
// Do something with the "accountStatus" value
log.info("################################### Rule - INOA85 - Broker Tools: " + accountStatus);
}
}
If you navigate to account activity and see the request, you will be able to see if that attribute accountStatus, was being sent to the plan.
If it is then you can use it. otherwise,
you can call the api first, get the account status and then use it.
Add the attribute in the plan using Before Provisioning rule and use it in the body
Create a policy i,e UPDATE / UPDATE_GROUP policy to add the attribute to the plan and you can then use it.
the link and identity operations that are being used here in the script, are not available on the connector rules. The operations we are using right now are available only on the cloud rules.
