I need a workflow that forward all pending certifications of a user to his manager’s manager when manager of the user is terminated.
suppose user is xyz—abc(xyz’s manager)—-lmn(abc’s manager)
Now when the abc is terminated (lifecycle state becomes terminateddisabeled) then all the pending certification should automatically forwarded to lmn(abc’s manager) please guide??
Please check this feature of ISC governance connector
tried this but not working
what have you tried so far and where are you stuck? It is easier for us to help debug an issue than to ask for someone to do all the work.
for what you are asking, i would look at doing a workflow that takes in the user, then gets their manager, then gets their Manager’s manager. Once you have those variables, you can use the actions or API to get the original user’s pending items you want to reassign, the make the calls to reassign those
I want so many things too. But i need to work for them 
this is the workflow we tried @gmilunich can you please suggest what is wrong
{
"name": "Forward Certifications on Manager Termination",
"description": "When a manager is terminated, all their pending certification reviews are reassigned to their manager.",
"definition": {
"start": "Get Terminated Manager",
"steps": {
"Get Terminated Manager": {
"actionId": "sp:get-identity",
"attributes": {
"id.$": "$.trigger.identity.id"
},
"displayName": "Get Terminated Manager Details",
"nextStep": "Get Managers Manager",
"type": "action",
"versionNumber": 2
},
"Get Managers Manager": {
"actionId": "sp:get-identity",
"attributes": {
"id.$": "$.getTerminatedManager.managerRef.id"
},
"displayName": "Get Manager’s Manager Details",
"nextStep": "Get Campaigns",
"type": "action",
"versionNumber": 2
},
"Get Campaigns": {
"actionId": "sp:http",
"attributes": {
"authenticationType": "OAuth",
"method": "get",
"oAuthClientId": "YOUR_CLIENT_ID",
"oAuthClientSecret": "$.secrets.YOUR_SECRET",
"oAuthCredentialLocation": "oAuthInHeader",
"oAuthTokenUrl": "https://XYZ.api.identitynow.com/oauth/token",
"url": "https://XYZ.api.identitynow.com/v2024/campaigns?filters=reviewer.id eq {{$.getTerminatedManager.id}}"
},
"displayName": "Get Certification Campaigns",
"nextStep": "Loop Campaigns",
"type": "action",
"versionNumber": 2
},
"Loop Campaigns": {
"actionId": "sp:loop:iterator",
"attributes": {
"input.$": "$.getCampaigns.body",
"start": "Forward Certification",
"steps": {
"Forward Certification": {
"actionId": "sp:http",
"attributes": {
"authenticationType": "OAuth",
"method": "post",
"oAuthClientId": "YOUR_CLIENT_ID",
"oAuthClientSecret": "$.secrets.YOUR_SECRET",
"oAuthCredentialLocation": "oAuthInHeader",
"oAuthTokenUrl": "https://XYZ.api.identitynow.com/oauth/token",
"requestContentType": "json",
"url": "https://XYZ.api.identitynow.com/v2024/campaigns/{{$.loop.loopInput.id}}/reassign",
"jsonRequestBody": {
"fromIdentityId": "{{$.getTerminatedManager.id}}",
"toIdentityId": "{{$.getManagersManager.id}}",
"comment": "Reassigned because manager was terminated"
}
},
"displayName": "Forward Certification",
"nextStep": "End Loop",
"type": "action",
"versionNumber": 2
},
"End Loop": {
"actionId": "sp:operator-success",
"displayName": "Certification Forwarded",
"type": "success"
}
}
},
"displayName": "Loop Through Campaigns",
"nextStep": "End Workflow",
"type": "action",
"versionNumber": 1
},
"End Workflow": {
"actionId": "sp:operator-success",
"displayName": "Workflow Complete",
"type": "success"
}
}
},
"trigger": {
"type": "EVENT",
"attributes": {
"filter.$": "$.changes[?(@.attribute == \"cloudLifecycleState\" && @.newValue == \"terminatedDisabled\")]",
"id": "idn:identity-attributes-changed"
}
}
}
Since you have the workflow now, you can run it with test data ( or real sandbox data) and then get the execution plan from the UI, which is an excel doc. Review that documentation and verify that the values you are expecting are set for the variable.
Additionally, you should let us know what isn’t working and what you are seeing. If you have done any debugging that would be helpful to know too
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.