Native Change Certification Campaign for Update

Identity Security Cloud (ISC) ISC Discussion and Questions
,
1

Hi Team,

I am currently working on Native Change Detection update where i need the certification to be created instead of Revocation Submission Request.
Currently I am trying to modify the workflow template of Native Change detected Update as below, but whatever I add in the filter the data is not being picked up. Below is how i am trying.

image
image1269×588 46.5 KB

I have also tried using “$.trigger.entitlementChanges[].added[].id”

Can you please let me know if am doing something wrong here, Tried various filters, the certification triggers successfully but is not catching any data.

Thanks,
Sindhu V Murthy

2

@SindhuVMurthy,

I see space after * in the added filter you provided in this input: “$.trigger.entitlementChanges[*].added[* ].id”. Please check that.

Nevertheless I tried both of the below options. It works perfectly fine.

  1. Directly used $.trigger.entitlementChanges[*].added[*].id or name
  2. Used $.trigger.entitlementChanges[*].added[*] as Loop input and used $.loop.loopInput.name and $.loop.loopInput.id as input values to send an email. The values are replaced
    If it didn’t work, please post the input used for the loop

Regards,
Uday

3

Hi @uday_kilambiCTS ,

I tried the same thing but it directly goes to complete state without considering any identities/access to certify.

image
image347×752 15.8 KB

image
image3024×45 5.59 KB

image
image3432×367 18.4 KB

Please let me know if I am missing something. And identity to certify and reviewer is different.

Thanks

4

Hope you added the context as $.trigger for the loop step, if you have used “$.trigger.entitlementChanges[*].added[*].id”

If you wish to use loopInput, then just $.loop.loopInput.id should suffice. You do not need to give the entire json like below, as we already specified it as entitlements to be reviewed.
image

5

I am also having this issue where it doesn’t catch any of the data

6

Can you please provide the workflow JSON file along with the execution log file for the failed run? Please make sure to sanitize any sensitive info in those files before sharing. It’s hard to figure out why it’s not working without that information.

7

NativeChangeAccessCert20240301.json (2.1 KB)
Here you go here is the post i also created a while before

8

Here is the other version as well the json
NativeChangeAccessCert220240301.json (2.2 KB)

I am working on getting the execution files without sensitive info

9

This is the execution for the first JSON

john doe NativeChangeAccessCertExecution20240301.csv (18.9 KB)

John doeNativeChangeAccessCert2Execution20240301 (1).csv (13.8 KB)
this is the execution file for the second JSON

10

So I uploaded your workflow into my environment, and I have a thought. The documentation for the create campaign action states that the input for the access filter text box should be an array of IDs (ex. [“id1”, “id2”, “id3”]). It looks like in your workflow, and @SindhuVMurthy 's example, you are inputting an array of objects. Instead, try changing the input type for Access Filter from “Enter Value” to “Choose Variable” and then paste this JSONpath into the text box.

$.trigger.entitlementChanges[*].added[*].id

It would look like this:

image
image2186×1358 270 KB

I believe this will work because that JSONpath produces an array of IDs. Try it on your workflow and let me know how it goes. If it still fails, please share the screenshot of how you configured that step along with the sanitized output log.

11

It still autocompletes

NativeChangeAccessCertExecution no data.csv (37.8 KB)

12

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.