Issue in request body in workflow getting error

Identity Security Cloud (ISC) ISC Discussion and Questions
1

Hye guys,

i am using this in request body in workflow

{“certificationIds”:“{{$.loop.loopInput.id}}”,“reason”:“Reassigned because manager was terminated”,“reassignTo”:“{{$.getManagersManager.id}}”}

and getting below error

{
“errorMessage”: “task failed: activity error (type: sp:external:http:v2, scheduledEventID: 5, startedEventID: 6, identity: 1@sp-workflow-worker-stg-us-east-1-6b5755d6cd-fdjb2@sp-workflow-engine): request failed (type: HTTP Response Returned a Client Error, retryable: false): request failed: 400 - 400 Bad Request - {“detailCode”:“400.0 Bad request syntax”,“trackingId”:“d589d78114f24ef6a40ca70113e34f4b”,“messages”:[{“locale”:“und”,“localeOrigin”:“REQUEST”,“text”:“The request could not be parsed.”},{“locale”:“en-US”,“localeOrigin”:“DEFAULT”,“text”:“The request could not be parsed.”}],“causes”:}”,
“payload”: null
},

waht can be the reason?

2

Hi there,

It looks like you’re using the v2024 API with the /v2024/campaigns/:id/reassign endpoint—is that correct? If so, I noticed a couple of things that might help clarify your setup.

The reassignTo key typically expects an object like this:

"reassignTo": { "id": "ef38f94347e94562b5bb8424a56397d8", "type": "IDENTITY" }

Also, it seems that certificationIds is expected to be a list, but the variable {{$.loop.loopInput.id}} appears to be a string.

Additionally, I saw the variable {{$.getManagersManager.id}} in your setup. Just a quick note: when using the GetIdentity action, the logical name for referencing the data stays consistent regardless of the action’s display name. For example:

  • For the first GetIdentity action (e.g., named “Get Manager Being Terminated”), you’d reference the identity data with $.getIdentity.id.

  • For a second GetIdentity action (e.g., named “Get Managers Manager”), you’d use $.getIdentity2.id to access its data.

If you could share the workflow JSON, it would really help!!

Best regards

3

yes @YanCoelho we are using V2024 api .

So basically we have made this below workflow to forward the pending certficate of user to his manager’s manager is the manmnager of user is terminated .

Kindly help me modify this workflow and if possible give me the correct one thanks

{
	"name": "Forward Certifications on Manager Termination",
	"description": "When a manager is terminated, all their pending certification reviews are reassigned to their manager.",
	"modified": "2025-09-23T18:12:49.464160784Z",
	"modifiedBy": {
		"type": "IDENTITY",
		"id": "25b762a1969a475b8215d21ae28e8004",
		"name": "balaji"
	},
	"definition": {
		"start": "Get Terminated Manager",
		"steps": {
			"End Workflow": {
				"actionId": "sp:operator-success",
				"displayName": "Workflow Complete",
				"type": "success"
			},
			"Get Campaigns": {
				"actionId": "sp:http",
				"attributes": {
					"authenticationType": "OAuth",
					"jsonRequestBody.$": "",
					"method": "get",
					"oAuthClientId": "8c2a79d44fe94cc8a2a83710b4429f57",
					"oAuthClientSecret": "$.secrets.746c5897-a82c-4bb6-b152-b45a3e0f36a9",
					"oAuthCredentialLocation": "oAuthInHeader",
					"oAuthTokenUrl": "https://xyz.api.identitynow.com/oauth/token",
					"requestContentType": null,
					"url": "https://xyz.api.identitynow.com/v2024/campaigns",
					"urlParams": {
						"reviewer.id": "{{$.getTerminatedManager.id}}"
					}
				},
				"displayName": "Get Certification Campaigns",
				"nextStep": "Loop",
				"type": "action",
				"versionNumber": 2
			},
			"Get Managers Manager": {
				"actionId": "sp:get-identity",
				"attributes": {
					"id.$": "$.getTerminatedManager.managerRef.id"
				},
				"displayName": "Get Manager’s Manager Details",
				"nextStep": "Get Campaigns",
				"type": "action",
				"versionNumber": 2
			},
			"Get Terminated Manager": {
				"actionId": "sp:get-identity",
				"attributes": {
					"id.$": "$.trigger.identity.id"
				},
				"displayName": "Get Terminated Manager Details",
				"nextStep": "Get Managers Manager",
				"type": "action",
				"versionNumber": 2
			},
			"Loop": {
				"actionId": "sp:loop:iterator",
				"attributes": {
					"input.$": "$.getCampaigns.body",
					"start": "Forward Certification",
					"steps": {
						"End Loop": {
							"actionId": "sp:operator-success",
							"displayName": "Certification Forwarded",
							"type": "success"
						},
						"Forward Certification": {
							"actionId": "sp:http",
							"attributes": {
								"authenticationType": "OAuth",
								"jsonRequestBody": {
									"certificationIds": [
										"{{$.loop.loopInput.id}}"
									],
									"reason": "Reassigned because manager was terminated",
									"reassignTo": "{{$.getManagersManager.id}}"
								},
								"method": "post",
								"oAuthClientId": "8c2a79d44fe94cc8a2a83710b4429f57",
								"oAuthClientSecret": "$.secrets.d96bcd4e-4af2-4e8c-a9f3-6759866ef29f",
								"oAuthCredentialLocation": "oAuthInHeader",
								"oAuthTokenUrl": "https://xyz.api.identitynow.com/oauth/token",
								"requestContentType": "json",
								"url": "https://xyz.api.identitynow.com/v2024/campaigns/{{$.loop.loopInput.id}}/reassign"
							},
							"displayName": "Forward Certification",
							"nextStep": "End Loop",
							"type": "action",
							"versionNumber": 2
						}
					}
				},
				"displayName": "",
				"nextStep": "End Workflow",
				"type": "action",
				"versionNumber": 1
			}
		}
	},
	"creator": {
		"type": "IDENTITY",
		"id": "15d01f1284cc4c03b6110df0a784a588",
		"name": "Rakesh"
	},
	"trigger": {
		"type": "EVENT",
		"attributes": {
			"filter.$": "$.changes[?(@.attribute == \"cloudLifecycleState\" && @.newValue == \"terminatedDisabled\")]",
			"id": "idn:identity-attributes-changed"
		}
	}
}
4

Hey @Rakesh_Singh_1234 !

This doesn’t directly answer your question about the issue you are having with your workflow, but have you checked out the ISC Governance Connector? It can be configured to automatically reassign Pending Certification Decisions to the terminated user’s manager without the need for a workflow. This might not work in your specific case, but I just figured I would mention it as it is a bit simpler and can offer some additional functionality.

Please let me know if this helps!

  • Zach
5

@zachm117 thanks for the answer.

Are you trying to say that we can do it thorugh the UI and don’t need the workflow for this ?

And if yes can you kindly help me out how i can configure the setings for forwarding the cert to manager? PLease give me steps. thanks

My ask or requirement is simply to forward the pending cert to the user whose manager just got terminated and to send the cert now to his manager’s manager

6

You can create a new ISC Governance connector and configure it as needed. If you check out the link I sent in my last post, it can help walk you through the setup of this connector.

7

i chked that but it is not a detailed document with all steps @zachm117

8

I think you need to be including a context here.

Right now, you just have an input of $.getCampaigns.body . You’re then trying to access $.getManagersManager.id which isn’t included in you loop input.

Add in $.getManagersManager to your context and then you can access the variables outside your loop, e.g., $.loop.context.id to get the managers manager id.

9

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.