I am creating a web service connector for a source we are trying to integrate into IDN.
In the target system’s API, we have an optional field called “displayName” and “email” that we are trying to fill with the identity’s displayName and Email. Is there a simple way to retrieve this information and put it into my API call for Add Entitlement?
To give an example, when we want to insert the full name, we do “displayName”:“$plan.displayName$”. Is there a way to put these variables so the Add Entitlement capability can recognize them?
If it is not possible to retrieve the email and displayName, is this option also possible? Has anyone made the rule for “Web Services Before Operation Rule” that retrieves identity attributes that can help me?
You configure it in the Plan of Create and Modify provisioning policy and when the Add entitlement operation will be invoked if the user’s account does not exist on the end target system Create Operation will be invoked and will cater to the requirement and if the account already exists it will trigger the Modify Operation as Parent operation. Additionally you can leverage the attribute sync feature to also enforce the requirement closing any chance of missing the population of the said optional attribute.
Thank you for the suggestion, but I have already made these configurations, and the Add Entitlement operation sends the email and displayName fields as blank. They suggested making a rule “Web Services Before Operation Rule,” but I don’t have experience with this, and the project is delayed
I don’t have the code extract but I can give you the step wise process how to achieve the solution:
Step 1: Deploy WebServicesBeforeOperationRule
Step 2: Within the Rule invoke SailPoint API to get the specific identity’s rule
Step 3: Add a check that AttributeRequest is of type ADD
Step 4: Add call getIdentityAttribute API within the rule and capture the displayName and email attributes.
Step 5: Add the displayName and email to the plan
Step 6: End