Hi All,
Can we write a IdentityTrigger rule for authorative source application account attributes. This is not a identity attribute.
Ex: we have a company attribute in HRMS application if any user changes one company to another company we should pass one value to AD. But company attribute is not a identity attribute.
Please provide your thoughts on it
Hi @sureshbommareddy98 Yes you can configure IdentityTrigger at Lifecycle events. Basically you need to enable Native Change Detection on your HR applications for Modify operation with needed columns, then you can use life cycle events with event type as Native Change or can also go with IdentityTrigger rule
@Arpitha1
Can you provide sample IdentityTrigger rule as we will not get previous identity value and new identity value as identity attributes
You can use this sample rule below -
import sailpoint.object.Link;
import sailpoint.tools.Util;
import sailpoint.object.Application;
import sailpoint.object.Identity;
import sailpoint.api.IdentityService;
boolean result = false;
String oldCompany = "";
String newCompany = "";
Application app = context.getObjectByName(Application.class, "HRMS");
IdentityService ids = new IdentityService(context);
List oldList = ids.getLinks(previousIdentity, app);
List newList = ids.getLinks(newIdentity, app);
//Checking value in PreviousIdentity
for(Link prevLink : Util.iterate(oldList))
{
if(Util.isNotNullOrEmpty(prevLink.getAttribute("company").toString()))
{
oldCompany = prevLink.getAttribute("company").toString();
}
}
//Checking value in NewIdentity
for(Link newLink : Util.iterate(newList))
{
if(Util.isNotNullOrEmpty(newLink.getAttribute("company").toString()))
{
newCompany = newLink.getAttribute("company").toString();
}
}
if(Util.isNotNullOrEmpty(oldCompany) && Util.isNotNullOrEmpty(newCompany))
{
if(!oldCompany.equalsIgnoreCase(newCompany))
{
result = true;
}
}
return result;
Thanks,
Harshith
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.