ISC - Loop in workflow throwing error : Cannot find parameter

Identity Security Cloud (ISC) ISC Discussion and Questions
,
1

Hello,
II have a workflow that is triggered when provisioning is completed on 2 sources to enable account if it is disabled, so i make an http request with the API /v3/search with the following body:
{"indices":["identities"],"query":{"query":"(@accounts(accountId: \"{{$.loop.loopInput.accountId}}\" AND disabled:true) AND \"{{$.trigger.recipient.id}}\")"}}

image
image1279×622 53.2 KB

But i’m getting this error and i don’t know why because on the UI it’s working.

  "error": "task failed: activity error (type: sp:external:http:v2, scheduledEventID: 5, startedEventID: 6, identity: 1@sp-workflow-worker-stg-x): cannot find parameter with name: /secrets/x (type: Error Parsing Input, retryable: false): cannot find parameter with name: /secrets/x",

Can you help ?
Thanks,

2

HI,

I think the authentication for ISC is not added correctly. Can you check that part?

-Abhinov

3

Hi,
I checked without the loop and static value, the search query works fine but when i add the loop i get an error. I don’t thinks it’s related to authentification.

Regards,

4

Hi,

I think if you are passing any variables which are created outside of loop, they are not accessible inside the loop.

Can you check that?

Also if you want to loop with the response of httprequest, then you cannot add request inside loop. It should be outside of loop.

-Abhinov

5

Hi,

I am parsing {{$.loop.loopInput.accountId}} that should be accessible and i removed everythin in the loop context and still get the error. And the loop is based on accountRequests array in the trigger.

6

Hi,

Can you send what you added in loop input?

-Abhinov

7

Hi,
Sure this is what i added : $.trigger.accountRequests
I have nothing in context.
And my JSON body for the search post is :
{"indices":["identities"],"query":{"query":"(@accounts(accountId: \"{{$.loop.loopInput.accountId}}\" AND disabled:true))"}}

8

Hi,

I tried the same workflow with static input.

{
    "trackingNumber":"4b4d982dddff4267ab12f0f1e72b5a6d",
    "action":"IdentityRefresh",
    "requester":{
        "id":"2c91808b6ef1d43e016efba0ce470906",
        "name":"Adam Admin",
        "type":"IDENTITY"
    },
    "recipient":{
        "id":"2c91808b6ef1d43e016efba0ce470909",
        "name":"Ed Engineer",
        "type":"IDENTITY"
    },
    "errors":[
        "General Error",
        "Connector AD Failed"
    ],
    "warnings":[
        "Notification Skipped due to invalid email"
    ],
    "sources":"Corp AD, Corp LDAP, Corp Salesforce",
    "accountRequests":[
        {
            "source":{
                "id":"4e4d982dddff4267ab12f0f1e72b5a6d",
                "name":"Corporate Active Directory",
                "type":"SOURCE"
            },
            "accountId":"CN=example,ou=sample,ou=test,dc=ex,dc=com",
            "accountOperation":"Modify",
            "provisioningResult":"committed",
            "provisioningTarget":"Corp AD",
            "ticketId":"72619262",
            "attributeRequests":[
                {
                    "operation":"Add",
                    "attributeName":"memberOf",
                    "attributeValue":"CN=admin,DC=training,DC=com"
                }
            ]
        }
    ]
}

ProvisioningCompletedTrigger20241025.json (1.5 KB)

It can send the accountId in email. I think some issue in parsing only. Add the account ID into a variable inside the loop and pass it into the HTTPRequest. First check if the accountId can get successfully or not.

-Abhinov

9

When i add the accountId in a variable, the variable take the value of it but not in the http request. Is it because my trigger is “Provision completed” ?

10

Nothing like that.

If possible attach your workflow here. Will check it.

-Abhinov

11

Hi,
Yeah sure this is the workflow :
EnableHousesaccounts20241025 (1).json (2,1 Ko)