IdentityNow Rule Guide - JDBC Provision Rule

Hello everyone, I’m studying JDBC provisioning rules. Could someone tell me how I can point my JDBC source in this rule?

I have a source in IdentityNow already configured and working. I saw that there is a page explaining how to configure a JDBC Rule, but I didn’t understand how I can point the name of my source in the rule settings in VS Code.

Website about the JDBC rule: https://community.sailpoint.com/t5/Identity-Security-Cloud-Wiki/IdentityNow-Rule-Guide-JDBC-Provision-Rule/ta-p/77339

Does anyone have an example to show me how to configure it?
I’m a beginner in ISC and I just learned about this Rule functionality.

Thank you

This page has instructions on how to point your source to your rule: Connector executed Rules | SailPoint Developer Community

You can check this for your reference

Hi @guilherme_sec,

To create the rule:

  1. From the link you shared, take everything after CDATA[ - Starting from import java.sql till return result;
  2. Modify the code as required
  3. Do a JSON escape. You can use - Free Online JSON Escape / Unescape Tool - FreeFormatter.com
  4. Create the rule under the rules section in VSCode. Your JSON escaped code should go into the script section

The rule would look like this:

{
    "description": "Test JDBC Provisioning Rule",
    "type": "JDBCProvision",
    "signature": {
        "input": [],
        "output": null
    },
    "sourceCode": {
        "version": "1.0",
        "script": "import java.sql.Connection;\r\n  import java.sql.DriverManager;\r\n  import java.sql.PreparedStatement;\r\n  import java.sql.SQLException;\r\n  import java.sql.Types;\r\n  import java.util.List;\r\n  import sailpoint.api.SailPointContext;\r\n  import sailpoint.connector.JDBCConnector;\r\n  import sailpoint.object.Application;\r\n  import sailpoint.object.ProvisioningPlan;\r\n  import sailpoint.object.ProvisioningPlan.AccountRequest;\r\n  import sailpoint.object.ProvisioningPlan.AttributeRequest;\r\n  import sailpoint.object.ProvisioningPlan.PermissionRequest;\r\n  import sailpoint.object.ProvisioningResult;\r\n  import sailpoint.object.Schema;\r\n  \r\n  public String getAttributeRequestValue(AccountRequest acctReq, String attribute) {\r\n\r\n    if ( acctReq != null ) {\r\n      AttributeRequest attrReq = acctReq.getAttributeRequest(attribute);\r\n      if ( attrReq != null ) {\r\n        return attrReq.getValue();\r\n      }\r\n    }\r\n    return null;\r\n  }\r\n\r\n  ProvisioningResult result = new ProvisioningResult();\r\n  PreparedStatement statement = null;\r\n\r\n  if ( plan != null ) {\r\n\r\n    List accounts = plan.getAccountRequests();\r\n    if ( ( accounts != null ) && ( accounts.size() > 0 ) ) {\r\n      for ( AccountRequest account : accounts ) {\r\n        try {\r\n          if ( AccountRequest.Operation.Create.equals( account.getOperation() ) ) {\r\n            \/\/ Ideally we should first check to see if the account already exists.\r\n            \/\/ As written, this just assumes it does not.\r\n\r\n            statement = connection.prepareStatement( \"insert into users (login,first,last,role,status) values (?,?,?,?,?)\" );\r\n            statement.setString ( 1, (String) account.getNativeIdentity() );\r\n            statement.setString ( 2, getAttributeRequestValue(account,\"first\") );\r\n            statement.setString ( 3, getAttributeRequestValue(account,\"last\") );\r\n            statement.setString ( 4, getAttributeRequestValue(account,\"role\") );\r\n            statement.setString ( 5, getAttributeRequestValue(account,\"status\") );\r\n            statement.executeUpdate();\r\n\r\n            result.setStatus( ProvisioningResult.STATUS_COMMITTED );\r\n\r\n          } else if ( AccountRequest.Operation.Modify.equals( account.getOperation() ) ) {\r\n\r\n            \/\/ Modify account request -- change role\r\n\r\n            statement = connection.prepareStatement( \"update users set role = ? where login = ?\" );\r\n            statement.setString ( 2, (String) account.getNativeIdentity() );\r\n            if ( account != null ) {\r\n              AttributeRequest attrReq = account.getAttributeRequest(\"role\");\r\n              if ( attrReq != null && ProvisioningPlan.Operation.Remove.equals(attrReq.getOperation()) ) {\r\n                statement.setNull ( 1, Types.NULL );\r\n                statement.executeUpdate();\r\n              } else if ( attrReq != null ) {\r\n                statement.setString(1,attrReq.getValue());\r\n                statement.executeUpdate();\r\n              }\r\n            }\r\n            result.setStatus( ProvisioningResult.STATUS_COMMITTED );\r\n\r\n          } else if ( AccountRequest.Operation.Delete.equals( account.getOperation() ) ) {\r\n\r\n            statement = connection.prepareStatement( (String) application.getAttributeValue( \"account.deleteSQL\" ) );\r\n\r\n            statement.setString ( 1, (String) account.getNativeIdentity() );\r\n            statement.executeUpdate();\r\n\r\n            result.setStatus( ProvisioningResult.STATUS_COMMITTED );\r\n\r\n          } else if ( AccountRequest.Operation.Disable.equals( account.getOperation() ) ) {\r\n\r\n            \/\/ Disable, not supported.\r\n\r\n          } else if ( AccountRequest.Operation.Enable.equals( account.getOperation() ) ) {\r\n\r\n            \/\/ Enable, not supported.\r\n\r\n          } else if ( AccountRequest.Operation.Lock.equals( account.getOperation() ) ) {\r\n\r\n            \/\/ Lock, not supported.\r\n\r\n          } else if ( AccountRequest.Operation.Unlock.equals( account.getOperation() ) ) {\r\n\r\n            \/\/ Unlock, not supported.\r\n\r\n          } else {\r\n            \/\/ Unknown operation!\r\n          }\r\n        }\r\n        catch( SQLException e ) {\r\n          result.setStatus( ProvisioningResult.STATUS_FAILED );\r\n          result.addError( e );\r\n        }\r\n        finally {\r\n          if(statement != null) {\r\n            statement.close();\r\n          }\r\n        }\r\n      }\r\n    }\r\n  }\r\n\r\n  return result;"
    },
    "attributes": {
        "sourceVersion": "1.0"
    },
    "name": "Test JDBC Provisioning Rule"
}
  5. Add the rule to the source under connector attributes and save.
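
Steps 1 to 4 above can also be done locally, without pasting the script into an online escaping tool. The following is an added example, not part of the replies or of SailPoint's tooling: it pulls the script out of the CDATA section, lets `json.dumps` do the escaping, and checks a hand-edited rule file for the mistakes that stop it from parsing (a trailing comma, a raw line break inside the `script` string, leftover CDATA markers). The function names and the sample XML are constructed for illustration.

```python
import json
import re

# Constructed sample: a short rule in the guide's XML form, script inside CDATA.
SAMPLE_XML = """<Rule name="Example" type="JDBCProvision">
  <Source><![CDATA[
  import java.sql.PreparedStatement;
  statement = connection.prepareStatement( "insert into users (login) values (?)" );
  statement.setString ( 1, (String) account.getNativeIdentity() );
  return result;
  ]]></Source>
</Rule>"""

def extract_script(xml_text):
    """Step 1: return the script text between CDATA[ and ]]>."""
    match = re.search(r"<!\[CDATA\[(.*?)\]\]>", xml_text, re.DOTALL)
    if match is None:
        raise ValueError("no CDATA section found")
    return match.group(1).strip()

def build_rule(name, description, script):
    """Steps 3-4: put the script in sourceCode.script; json.dumps does the escaping."""
    rule = {
        "description": description,
        "type": "JDBCProvision",
        "signature": {"input": [], "output": None},
        "sourceCode": {"version": "1.0", "script": script},
        "attributes": {"sourceVersion": "1.0"},
        "name": name,
    }
    return json.dumps(rule, indent=4)

def validate_rule_json(text):
    """Return a list of problems in a rule document; an empty list means none found."""
    try:
        rule = json.loads(text)
    except json.JSONDecodeError as exc:
        return ["invalid JSON at line %d column %d: %s" % (exc.lineno, exc.colno, exc.msg)]
    if not isinstance(rule, dict):
        return ["top level is not a JSON object"]
    problems = []
    if rule.get("type") != "JDBCProvision":
        problems.append("type is not JDBCProvision")
    script = (rule.get("sourceCode") or {}).get("script")
    if not isinstance(script, str) or not script.strip():
        problems.append("sourceCode.script is missing or empty")
    elif "CDATA[" in script or "]]>" in script:
        problems.append("script still contains CDATA markers")
    return problems

if __name__ == "__main__":
    print(build_rule("Test JDBC Provisioning Rule", "Test JDBC Provisioning Rule", extract_script(SAMPLE_XML)))
```

Running `validate_rule_json` on the file before uploading it catches the parse errors that are easy to introduce when a long escaped script is edited by hand.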