IIQ REST API information for 8.1

IdentityIQ (IIQ) IIQ Discussion and Questions
1

Hello all,

Im currently in the process on upgrading our IIQ version to 8.1. We have an external service that makes a call to the IIQ REST API endpoint, identityiq/rest/identities/, to see if an identity with a given username exists or not. I recently found out in a SailPoint community forum post that this REST API endpoint will no longer accept an identity username as a parameter.

I’ve looked everywhere for information on this but all I could find was the REST API white paper that has not been updated since IIQ 7.2.

I have 2 questions for you all:

  1. Is there any new REST API documentation out there that has been updated for 8.1?

  2. If there is no longer a way with the REST API to see if a username exists given a username, then what are my next best options to achieve this?

1 Like
2

Hey @jlebron, Thanks for posting this question. I am going to ask around and see if we cannot return shortly with some answers to your inquiry.

3

@jordan.violet Awesome, thank you.

4

Hey @jlebron, thanks for your patience. To answer your two questions:

  1. The main source for documentation on this is IIQ REST API Integration, however, This document has not been updated but other than adding of OAuth 2 support to these APIs, nothing has changed. These APIs are no longer being added to because the SCIM API is where all new API development is happening for IIQ. That said, you can still use the APIs in that document. We just recommend that you try to first reference the SCIM APIs for IIQ , as documented at IdentityIQ API | SailPoint Developer Community

  2. For this task, we would recommend using the IdentityIQ SCIM API getUser operation.
    More information can be found at get-user-by-id | SailPoint Developer Community

5

@jlebron You may also find this document useful:
https://community.sailpoint.com/t5/Other-Documents/IdentityIQ-8-1-SCIM-API-Documentation/ta-p/177751

6

@jordan.violet oh awesome. thank you for the info. is the SCIM API an API that you have to enable in IdentityIQ or is it enabled out of the box?

1 Like
7

Hey @jlebron
The SCIM API is enabled by default. You just need an admin to give rights to a user in order to access it. Your SailPoint Admin can assist you with this.

8

@jordan.violet Awesome! that is good to hear. Do you know what rights are needed to access it?

9

The phasing for these rights in IIQ is SPRights and capabilities. Capabilities are bundles of rights needed to do a job. So there is a SCIMAdmin capability that captures all the sprights needed to do everything scim

10

Hi @jordan_violet

We are recently upgraded from 7.2 to 8.1p3

We found the POST [IdentityIQBaseURL]/rest/workflows//launch is not working on 8.1p3 anymore. It returns 405 method not allowed.

Also, can we add back the APIs since there’s a lot of third parties are trying to call the custom API that extended from the above Base REST API integration.

Is the method of writing plugins to expose custom API endpoint still working? We found “Create a custom JAX-RS application that extends SailPointRestApplication.java”

Could you please advise any workaround?

Reference: https://community.sailpoint.com/t5/Technical-White-Papers/IdentityIQ-REST-API-Integration/ta-p/76814?_gl=113ir7qz_gaMTI0NDI0NTMyNy4xNjM4MTY3NDU2_ga_SS72Z4HXJM*MTY0NTA2MzkxOC44Mi4xLjE2NDUwNjgxMDYuNjA.&_ga=2.35285605.532186450.1645005224-1244245327.1638167456#toc-hId–1842985418