Hi,
Case : I need to add entitlement based on the availability of the source on that identity.
1 . Trigger
2. Get accounts
3. Loop and filter at sourceID — $.getAccounts.accounts[?(@.sourceId == “2c9180858066ffd70180851deaac1750”)]
4.Compare the sourceID
5. Get access
6. manage access
But “manage access” is not working inside the loop.
I have attached the JSON.
Hi @Manju22 ,
What’s the error you are receiving? Not able to grant access using manage access step? Check if Get Access step is actually giving you the output.
Is the entitlement you are trying add requestable?
Yes, its working without loop.
Can you share your loop and each actions config inside the loop? This will help in providing more context so that we can better answer your question.
I have found the issue on the loop,I have given wrong ID on the filter and loop is working now. But I get below error on manage access.
“task failed: activity error (type: sp:access:manage, scheduledEventID: 17, startedEventID: 18, identity: 1@sp-workflow-worker-stg-us-east-1-7797b7db98-6nfxk@sp-workflow-engine): request failed: 400 - 400 Bad Request: (type: HTTP Response Returned a Client Error, retryable: false): request failed: 400 - 400 Bad Request (type: fundamental, retryable: true)”,
Ravenewworkflow20250317.json (2.6 KB)
@Manju22 In Manage Access step, below should be $.trigger.identityId
No.. I didnt work for “$.trigger.identityId” also. I have verified with both.
hello @Manju22
Findings:
The workflow loop utilises identityid which is out the loop . In order to use this inside the loop , we have to include them in the loop context .
The following the update json :
{
"name": "Rave new workflow",
"description": "Rave new workflow",
"modified": "2025-03-18T07:21:38.756906388Z",
"modifiedBy": {
"type": "IDENTITY",
"id": "2c918087801ecaae01801ee03ec94b0b",
"name": "Manjuladevi Manickam"
},
"definition": {
"start": "Get Accounts",
"steps": {
"End Step — Success": {
"type": "success"
},
"Get Accounts": {
"actionId": "sp:get-accounts",
"attributes": {
"getAccountsBy": "specificIdentity",
"identity.$": "$.trigger.identityId"
},
"displayName": "",
"nextStep": "Loop",
"type": "action",
"versionNumber": 1
},
"Loop": {
"actionId": "sp:loop:iterator",
"attributes": {
"context.$": "$.trigger.identityId",
"input.$": "$.getAccounts.accounts[?(@.sourceId == \"2c9180858066ffd70180851deaac1750\")]",
"start": "Compare Strings",
"steps": {
"Compare Strings": {
"choiceList": [
{
"comparator": "StringEquals",
"nextStep": "Get Access",
"variableA.$": "$.loop.loopInput.sourceId",
"variableB": "2c9180858066ffd70180851deaac1750"
}
],
"defaultStep": "End Step — Success 2",
"description": null,
"type": "choice"
},
"End Step — Success 1": {
"type": "success"
},
"End Step — Success 2": {
"type": "success"
},
"Get Access": {
"actionId": "sp:access:get",
"attributes": {
"accessprofiles": true,
"entitlements": true,
"getAccessBy": "searchQuery",
"query": "name.exact:\"DanielsAPITesting\" AND source.name:\"Azure Active Directory Members\"",
"roles": true
},
"description": "Get's the DanielsAPITesting entitlement",
"nextStep": "Manage Access",
"type": "action",
"versionNumber": 1
},
"Manage Access": {
"actionId": "sp:access:manage",
"attributes": {
"addIdentities.$": "$.loop.context",
"comments": "Testing",
"requestType": "GRANT_ACCESS",
"requestedItems.$": "$.getAccess.accessItems"
},
"displayName": "",
"nextStep": "End Step — Success 1",
"type": "action",
"versionNumber": 1
}
}
},
"description": null,
"nextStep": "End Step — Success",
"type": "action",
"versionNumber": 1
}
}
},
"creator": {
"type": "IDENTITY",
"id": "2c918087801ecaae01801ee03ec94b0b",
"name": "Manjuladevi Manickam"
},
"trigger": {
"type": "EVENT",
"attributes": {
"filter.$": "$[?($.sourceId == \"0847b218f80644d38b8957ba0adb9bde\")]",
"id": "idn:source-account-created"
}
}
}
This helps !
Thanks
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.