Hi Arshad,
No, it didnt work for me.
The way I have currently got it working is to use a WebServicesClient from within the Before Operation connector rule, to connect to IDN and read the account
I based this on the work by Fernando in Reverse entitlement aggregation for Web Services connector - IdentityNow (IDN) / IDN Show and Tell - SailPoint Developer Community Forum
Excuse my terrible coding, but this is the relevant part
String getJSONEntitlements(String url, String accessToken, String appId, String nativeId) throws Exception {
//log.error(logPrefix + "WSlookup - start getJSONEntitlements");
WebServicesClient client = new WebServicesClient();
Map args = new HashMap();
Map header = new HashMap();
List allowedStatuses = new ArrayList();
String request = String.format("%s/beta/accounts?filters=sourceId eq \"%s\" and nativeIdentity eq \"%s\"", url, appId, nativeId);
log.error(logPrefix + "WSlookup - request: " + request);
args.put(WebServicesClient.ARG_URL, request);
header.put("Authorization", String.format("Bearer %s", accessToken));
allowedStatuses.add("200");
client.configure(args);
try {
String response = client.executeGet(request, header, allowedStatuses);
//log.error(logPrefix + "WSlookup - getJSONEntitlements - returning response");
return response;
} catch (Exception e) {
throw new Exception(String.format("WSlookup Entitlements collection call failed: %s", e.getMessage()));
}
}
JsonArray roles33 = new JsonArray();
String nativeIdentity = accReq.getNativeIdentity();
log.error(logPrefix + "Looking up existing roles and groups of user: " + nativeIdentity);
String idnAccount = getJSONEntitlements(IDN_URL, ACCESS_TOKEN, APP_ID, nativeIdentity);
JsonParser parser = new JsonParser();
JsonArray jsonArray2 = parser.parse(idnAccount).getAsJsonArray();
JsonObject idnAccountJson = jsonArray2.get(0).getAsJsonObject();
//log.error(logPrefix + "idnAccountJson: " + idnAccountJson.toString());
JsonObject attributes = idnAccountJson.getAsJsonObject("attributes");
roles33 = attributes.getAsJsonArray("roles");