IdentityNow Extensions for Visual Studio Code

Hello everyone!

As a daily-user of VSCode, I wanted to have a helpful extension to ease things with IdentityNow and its APIs.

Note: This extension is not developed, maintained or supported by SailPoint. It is a community effort to help manage IdentityNow from Visual Studio Code.

The extension has evolved and support the following operation, while benefiting from a fully-feature IDE like VSCode:

• Connect to several tenants
• Export config of a tenant
• View, edit, aggregate or reset sources
• View, create, edit, delete, and test transforms
• View, create, edit, delete provisioning policies of a source
• View, create, edit, delete schemas of a source
• View, edit, enable, disable, and test workflows and view execution history
• View, create, edit, delete connector rules and export/import the script of a rule

Once you have installed the extension, you will be have a new “IDN” menu where you add tenants and view objects:

image1112×723 54.8 KB

For more information, you can get to SailPoint IdentityNow - Visual Studio Marketplace

Installation

Installation is straightforward as the extension is published in VSCode marketplace.

Go to the extension menu or press Ctrl+Shift+X and look for the extension “IdentityNow”. Click on the button Install.

Version 0.0.14 is out.

• Add 2 commands for sources: reset accounts and reset entitlements
• Add support for Identity Profiles
• Pagination for sources (cf. #25)

Version 0.0.15 is out.

• Add supports for Service Desk Integrations (@fernando_delosrios )
• Fix supports of UTF-8 values in transform (cf. #33)

Hi, I have configured a tenant using this extension ,but i am able to see every component other than sources,if i enlarge the source i dont see any sources there ,instead i am getting “Cannot read properties of null (reading ‘toLowerCase’)” error.
Could you please help me out on this.

Hello @Divya_Sri_123
Do you have any source in your tenant?
Please open an issue in Issues · yannick-beot-sp/vscode-sailpoint-identitynow · GitHub.
Try to provide as much as possible information:

• OS
• Extension version
• VSCode version
• Logs ( Go to the menu “Help” > “Toggle Developer Tool” and look copy/paste logs)

Version 0.0.16 is out.

• Capability to export a single source, rule, transform or identity profile from the tree view
• Capability to refine export from the command palette or from a tenant in the tree view
• Capability to import a sp-config
• Can refresh identities under an identity profile (cf. #30)
• Fix error when exporting to file (cf. #35)

Hi there!

This is the only reference I can find to having issues using the PAT for this extension and I was wondering if anybody had any ideas. I have the IDN extension is VSCode, I add my tenant and the display name, then I get to the part of choosing a PAT or an Access Token. If I select AccessToken, I can get an access token from /ui/session and past it in and everything works fine, I am able to get data from my tenant. This is fine for quick lookups, but it is obviously a pain to keep getting a new token.

If I select PAT, I use the ClientID and ClientSecret I just generated in IDN under my account and I get the error below. So the tenant name is fine since I can connect with a generic Access Token, just not a PAT. The PATs I have created and tried are set to scopes:all. I’ve restarted VSCode, uninstalled and reinstalled the extension, tried creating new PATs, and haven’t found the answer.

Any help with this would be greatly appreciated!

ERR [Extension Host] ka: Unable to connect to ***.api.identitynow.com:443
	at TLSSocket.So (c:\Users\***\.vscode\extensions\yannick-beot-sp.vscode-sailpoint-identitynow-0.0.15\out\extension.js:5:9867)
	at Object.onceWrapper (node:events:646:26)
	at TLSSocket.emit (node:events:538:35)
	at emitErrorNT (node:internal/streams/destroy:157:8)
	at emitErrorCloseNT (node:internal/streams/destroy:122:3)
	at process.processTicksAndRejections (node:internal/process/task_queues:83:21)

Indeed, this is weird @zachm117 …
It seems the extension is not able to established the TLS connection.
The only difference is the call to the endpoint https://<tenantname>.api.identitynow.com:443/oauth/token to get an access token in exchange of the client id and secret.
Can you try to connect to this URL for your tenant? Here is what I got:

The error is “normal” as I’m just doing a GET and not trying the get an access token.
But it proves that the TLS connection is established.

Sure! Just using my browser and trying to access my tenant, I get the same screen.

@zachm117 I have just published a new version. It should correct your issue with PAT.

Version 0.0.17 is out!

• Update length limit for connector rule names and provisioning policy name
• Update regexp for tenant name
• Fix TLS error when trying to get an access token

I can confirm this new version did fix the TLS issue when getting an access token.

Thank you so much for helping to fix this, this will be very helpful for us to use now!

Version 0.0.18 is out.

• Export was not creating folders recursively
• Update schema for identity profiles, life cycle states, and provisioning policies
• Update regexp for tenant name for short names

To install a newer version, do I uninstall the previous version first?

When I export sp-config, where i the resulting file stored?

If you have installed from the marketplace, the version will update itself when VSCode is restarted.

It is stored in your profile.
My recommendation is to open a folder with VSCode.
When you export a file, the proposed path will be within this folder.

@yannick_beot I noticed when connector rules are edited and saved, it takes some time for it to actually update it on IdentityNow. Can I do anything to reduce the latency from my end?

It depends how long it takes for you.
It is almost instantaneous for me.
I guess that restarting the ccg service on the VA may speed up things:

sudo systemctl restart ccg

Yeah I guess that could be the case. The VA server my tenant connects to is protected behind a VPN layer, I guess that could be delaying the update a bit. It takes me about a minute to see the rule changes. The other features work instantly like source aggregations, or schema changes.