I prefer to utilize a Workflow for implementing the Segregation of Duties (SoD) policy. To achieve this, I intend to store the application name along with the conflicting access profiles in a JSON object in a Define Variable operation. Subsequently, I will verify the requested application and retrieve the conflicting access profiles for that specific application from that JSON object.
Is there a way to store a JSON object in a Define Variable and then use that variable in a subsequent step to extract the relevant conflicting access profiles?
Define Variable always outputs a String Type, hence if you will try to store a json in a variable, it will be mostly empty or null as the input value is not a string.
Instead of using Define Variable operator, you can directly use JSONpath to reference your response json in the next step.
Like Shailee mentioned, I don’t believe there is a way to define a JSON object as a variable then reference it using a JSON path in your workflow since all variables are defined as strings. You would need to define each access profile id or name as its own variable.
If you need to check many access profiles this may not be feasible. I would need to know more details about the logic you are trying to build but one option you could explore is utilizing tagging on the access profiles/entitlements you would like to check. Then you could implement a search query (HTTP action) to retrieve these access items in your workflow. This would then allow you to reference the body of that call as a JSON object and use the loop operator to perform each check.
Keep in mind, I think the loop operator’s list size limit is 100.