I’m trying to update User Levels via API in IdentityNow. I know that the old cc/api endpoint previously allowed this, but since it’s deprecated and unsupported, I’m looking for an equivalent in the /beta, /v3, or /v2024 APIs.
I have looked through the /v3 and /2024 endpoints but didn’t find a way to assign or remove User levels from a user.
Is there any supported API endpoint that allows adding/removing User Levels?
If this is no longer supported via API, what’s the recommended way to manage User Levels assignments automatically?
Are there plans to reintroduce this capability in a future API version?
To manage User Levels assignments automatically, you can configure ISC User Levels as Role Entitlement or Access profiles and assign them automatically via defining assignment criteria or lifecycleState…
Hi Daniel. You can use the ISC Governance source, connecting tenant to itself. When aggregating, user levels will appear as entitlements. So, you can request them or have roles using them.
Hi Julian! Thank you for the reply. Yes I’m aware of this connector, and the reason for the main question about doing it via API is that we want to manage our IdentityNow Admins accounts as separate identities (for different reasons). And I don’t believe this would be possible with this connector. Am I mistaken?
Hi Safae & thank you for the input.
I just answered Julian with some info on our use case, using Role Entitlements or Access Profiles will, as far as I know unfortunately not work for this particular solution since we want to manage our Admin accounts as separate identities.
The idea is to use a loopback connector which we can use for provisioning and deprovisioning IdentityNow Admin accounts (and new “Admin” identities), and also manage the access based on access requests.
With the ISC connector, you can grant or revoke admin user level to any identity (regardless where these identities comes from, admin level entitlement will appear on request center and can be granted to any identity).
This is the use case? Granting admin to any identity?
We can add or remove user levels through API. It is available in V3 version, and I tried to add user level through the Auth User API and got the expected result in IDN.
We want the connector itself to create the new Admin identities, so I believe it would be hard with this connector. But I do appreciate the idea =) Thank you!
