Issue with IdentityNow Password Manager

Hi,

I’m trying to enable the password reset option for the users in SailPoint so that they can reset their password on their own.

Please find the steps i performed for testing the password management from SailPoint IdentityNow.

 We need a test account on any of the SAP to verify the password reset from SailPoint.
 Hence created a test account on SAP.
 As per SailPoint documentation, we followed below steps
 From the Admin interface, select Applications.
 select + New > named → Test
 Under App Accounts Created By, select Admin (IT) but the tenant UI do not have this option.
 Under Account Source, select Specific Users From Source or All Users From Source.
 Choose the source you enabled Password Management on from the Select Source dropdown menu.
 In the upper-right corner, set Enable For Users to ON and select Save.
 Users with accounts on this source : Test will see and can manage their passwords for this source using Password Manager.

We got stuck in this place as the newly configured application does not appear in “Password Manager”.

The step mentioned in Admin guide for " App Accounts Created By" is not available in the Tenant UI. Below are the Screenshots for the same.


We are having the same issue. I am opening a ticket with support as I believe this is a bug.

I checked the new source using one of the old APIs (/cc/api/source/get/:id) and found:

"useForPasswordManagement": false

Looking at the other sources, they are all set to true. So it appears there is a bug that isn’t setting this attribute on the source.

@Carlatto Thank you for letting me know. I’ll patiently wait for their response. If there are any updates, please keep me informed.”

@Carlatto

I have updated my source by adding attribute “useForPasswordManagement” in the source configuration and set the value true. It worked.

1 Like

Hello!
How can I update that value in the source configuration? @swapnasarit

I’m having this same issue. @gsierra - Did you update the attribute using the cc api or the beta api (beta/update-source)?

Actually I guess my question is for @swapnasarit, you got it working? Was it a cc api call you made, or a beta/update-source api call?

@davepeters & @gsierra

Yes, it is the cc API which worked for me.

Below are the steps with API details.

  • Get the external id or small id for your source. Use {{baseUrl}}/cc/api/source/list.

  • Get the Source details by its ID that you get in the first API call and check the value for “useForPasswordManagement”. Use {{baseUrl}}/cc/api/source/get/.

  • Do a POST call to update the value of useForPasswordManagement as true. Use API {{baseUrl}}/cc/api/source/update/.

  • Keep the Body as “x-www-form-urlencoded” and add the attribute and new value as key pair value.

1 Like

Just a reminder that all CC APIs are deprecated and will be turned off by the end of this year. This may work for now, but do not rely on this functionality in the near future. This sounds like a bug that needs to be fixed in the product.

Yes, its preventing us from using Password Manager.

I got this working based on the instructions from @swapnasarit with a few modifications. - Thank you very much!

modifications as per below
Do a POST call to update the value of useForPasswordManagement as true. Use API {{baseUrl}}/cc/api/source/update/[source ID from cc list].

My post was done with headers:
Accept: application/json

payload was JSON:
{‘useForPasswordManagement’: ‘true’}

1 Like

@colin_mckibben - This definitely seems like a bug. Please DM me if you would like our related support case number. After making the change using the cc api we managed to get this working. Thks

I agree with @davepeters that this appears to be a bug. We also have a support case open.

@colin_mckibben

I have moved this topic to the Bugs category. If anyone is able to provide updates on their support ticket when this is fixed, that would be appreciated by the community.

1 Like

Hi @davepeters,

I have tried your solution and the API call returns 410 Gone. May I know if the cc post has already depreciated or I have done something wrong in making the call?
Thanks.

I can’t really say. Maybe they deprecated it at this point. I would check with @derek_putnam

@iris_deloitte

I have confirmed that POST /cc/api/source/update/id has been deprecated. It has been replaced by the equivalent V3 endpoint as reported here in Non-Public API Deprecations.

As you and others have discovered, it appears that the ability to update useForPasswordManagement may not exist with PUT or PATCH v3/sources/id.

I see that you have opened a support ticket. If the support team is unable to resolve your issue and determines that this is a bug, an appropriate engineering ticket will be opened.

My ticket was closed by Support: "As this looks to be being handled by our dev relations and you have a work around I will go ahead and propose that this is resolved. "

I have not heard of a resolution, and still have this issue.

@Carlatto Can you please provide me with the customer support number?