Java framework for disconnected application-onboarding

Team,

I need to create an automation to onboard disconnected applications in IIQ using the SDK in bulk. Is there any Eclipse/IntelliJ framework that I can use?

Also, what are the methods available to create a disconnected application?

Any leads would help.

Thanks.

1 Like

Hi Pratith,

I am not aware of any framework to create applications in bulk; maybe/hopefully someone else here can tell if there is one.

There might be a smart way to create an application. In some of our projects we create applications based on a CMDB. We are creating a single entitlement for the application, if there is no application in IdentityIQ, to create a new application using MultiPlexing.

The code to create an application with the name stored in AppName and with an entitlement named AppName + "_Access" based on application SourceApplication (to be run in a loop over the list of to be created applications):

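	import sailpoint.api.Provisioner;
	import sailpoint.object.Application;
	import sailpoint.object.ProvisioningPlan;
	import sailpoint.object.ProvisioningPlan.ObjectOperation;
	import sailpoint.object.ProvisioningPlan.ObjectRequest;

	// Only create the application when it does not exist yet
	Application application = context.getObjectByName(Application.class, AppName);
	
	if(application == null){
		Provisioner provisioner = new Provisioner(context);
		ProvisioningPlan plan = new ProvisioningPlan();
      
		plan.setTargetIntegration("SourceApplication");
      
		// Request one entitlement object of type "right"; the multiplexing
		// attribute IIQSourceApplication carries the name of the new application
		ObjectRequest objectRequest = new ProvisioningPlan.ObjectRequest();
		objectRequest.setApplication("ApplicationCreator");
		objectRequest.setOp(ObjectOperation.Create);
		objectRequest.setType("right");
		objectRequest.setNativeIdentity(AppName + "_Access");
		objectRequest.add(new ProvisioningPlan.AttributeRequest("IIQSourceApplication", AppName));
		objectRequest.add(new ProvisioningPlan.AttributeRequest("ENTITLEMENT", "Access"));
    
		plan.add(objectRequest);
		
		provisioner.execute(plan);
	}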

To run the code an application with name SourceApplication must be available containing (amongst others) the following provisioning form and schema:

  • form:
		<Form name="Create Application" objectType="right" type="Create">
			<Field displayName="Application" filterString="" name="IIQSourceApplication" required="true" type="string" />
			<Field displayName="Entitlement" filterString="" name="ENTITLEMENT" required="true" type="string" value="Access" />
			<Field dependencies="IIQSourceApplication,ENTITLEMENT" dynamic="true" filterString="" name="ENTITLEMENT_ID" required="true" type="string">
				<Script>
					<Source>return IIQSourceApplication + "|" + ENTITLEMENT;</Source>
				</Script>
			</Field>
		</Form>
  • schema:
		<Schema displayAttribute="ENTITLEMENT" featuresString="PROVISIONING" identityAttribute="ENTITLEMENT_ID" instanceAttribute="" nativeObjectType="right" objectType="right" permissionsRemediationModificationType="None">
			<AttributeDefinition name="ENTITLEMENT_ID" type="string">
				<Description></Description>
			</AttributeDefinition>
			
			<!-- Special attribute for the multiplex application -->
			<AttributeDefinition name="IIQSourceApplication" type="string">
				<Description></Description>
			</AttributeDefinition>
			
			<AttributeDefinition name="ENTITLEMENT" type="string">
				<Description></Description>
			</AttributeDefinition>
		</Schema>

If you want to change anything per application you can put the extra code below the statement provisioner.execute(plan); like

	application = context.getObjectByName(Application.class, AppName);
	application.setAttribute("file","/var/data/application_ist.csv");
	context.saveObject(application);
	context.commitTransaction();

To find out which functions/methods are available for applications, look at the javadoc:
https://<servername>/identityiq/doc/javadoc/sailpoint/object/Application.html

There is also a more direct way to create applications (creating a new app in beanshell or cloning another app), but I find the above the most simple and flexible once you're familiar with the concept of MultiPlexing 🙂

I hope this helps and brings creativity 😜

– Remold

3 Likes
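The loop that the post above describes, written out as an added example (not part of the original post and not SailPoint's own code). It assumes the identityiq jar is on the classpath and that the multiplexing application is named SourceApplication for both the plan target and the object request; the class name is hypothetical. It uses only the SailPoint calls shown in the post plus `new Provisioner(context)`, and skips input names that are blank, duplicated, or contain "|", the separator the form script uses to build ENTITLEMENT_ID.

```java
import java.util.*;
import sailpoint.api.Provisioner;
import sailpoint.api.SailPointContext;
import sailpoint.object.Application;
import sailpoint.object.ProvisioningPlan;
import sailpoint.object.ProvisioningPlan.AttributeRequest;
import sailpoint.object.ProvisioningPlan.ObjectOperation;
import sailpoint.object.ProvisioningPlan.ObjectRequest;
import sailpoint.tools.GeneralException;

public class BulkApplicationOnboarder { // hypothetical class name
    // Assumption: the application holding the "right" schema and the create form
    private static final String SOURCE_APP = "SourceApplication";

    /** Submits one create request per valid, not yet existing name; returns those names. */
    public static List<String> onboard(SailPointContext context, List<String> rawNames)
            throws GeneralException {
        Provisioner provisioner = new Provisioner(context);
        List<String> submitted = new ArrayList<>();
        Set<String> seen = new HashSet<>();
        for (String raw : rawNames) {
            String appName = raw == null ? "" : raw.trim();
            // The form script joins application and entitlement with "|", so a
            // name containing "|" would yield an ambiguous ENTITLEMENT_ID.
            if (appName.isEmpty() || appName.contains("|") || !seen.add(appName)) {
                continue; // blank, unsafe or duplicate input row
            }
            if (context.getObjectByName(Application.class, appName) != null) {
                continue; // application already exists in IdentityIQ
            }
            ObjectRequest request = new ObjectRequest();
            request.setApplication(SOURCE_APP);
            request.setOp(ObjectOperation.Create);
            request.setType("right");
            request.setNativeIdentity(appName + "_Access");
            request.add(new AttributeRequest("IIQSourceApplication", appName));
            request.add(new AttributeRequest("ENTITLEMENT", "Access"));

            ProvisioningPlan plan = new ProvisioningPlan();
            plan.setTargetIntegration(SOURCE_APP);
            plan.add(request);
            provisioner.execute(plan);
            submitted.add(appName);
        }
        return submitted;
    }
}
```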

Hi @PratithShetty

You can check the example ApplicationBuilder Rule in SailPoint IIQ. It is available in the following location:

tomcat\webapps\identityiq\WEB-INF\config\applicationBuilderRule.xml

You can refer to this rule and customize it according to your requirement.

1 Like

I am creating a standalone Java project to complete this automation and have installed the identityiq jar and am trying to call the methods to create a Delimited type of application.

Can anyone guide me on how I can authenticate to my SailPoint instance (not on local) and call the methods of the SDK to create the delimited type of application?
