Needs to create NCD Workflow for Active Directory Source.
entitlements that are a part of the access profiles currently in SailPoint, Needs to validate through NCD workflow in Sailpoint iSC
Below is the workflow Json.
{
“name”: “NCD Test work for AD”,
“description”: “NCD for AD”,
“modified”: “2025-08-11T17:15:24.405365376Z”,
“modifiedBy”: {
“type”: “IDENTITY”,
“id”: “db0e92b8cecf4671ac303ad8d9a9e521”,
“name”: “Ramomohan Naidu”
},
“definition”: {
“start”: “Compare Strings”,
“steps”: {
“Compare Strings”: {
“actionId”: “sp:compare-strings”,
“choiceList”: [
{
“comparator”: “StringEquals”,
“nextStep”: “Loop”,
“variableA.$”: “$.trigger.source.id”,
“variableB”: “730e54e6008b40fdabcf0d0ad3404a7c”
}
],
“defaultStep”: “End Step - Success 1”,
“description”: null,
“displayName”: “”,
“type”: “choice”
},
“End Step - Success”: {
“actionId”: “sp:operator-success”,
“displayName”: “”,
“type”: “success”
},
“End Step - Success 1”: {
“actionId”: “sp:operator-success”,
“displayName”: “”,
“type”: “success”
},
“Loop”: {
“actionId”: “sp
iterator”,
“attributes”: {
“context.$”: “$.trigger.identity”,
“input.$”: “$.trigger.entitlementChanges[].added[]”,
“start”: “HTTP Request”,
“steps”: {
“End Step - Failure”: {
“actionId”: “sp:operator-failure”,
“displayName”: “”,
“failureName”: “END”,
“type”: “failure”
},
“End Step - Success 2”: {
“actionId”: “sp:operator-success”,
“displayName”: “”,
“type”: “success”
},
“Get Identity”: {
“actionId”: “sp:get-identity”,
“attributes”: {
“id.$”: “$.context.id”
},
“displayName”: “”,
“nextStep”: “Send Email”,
“type”: “action”,
“versionNumber”: 2
},
“HTTP Request”: {
“actionId”: “sp:http”,
“attributes”: {
“authenticationType”: “OAuth”,
“jsonRequestBody”: null,
“method”: “get”,
“oAuthClientId”: “a1a507e4d9cb4caeb3613236fe9e12bf”,
“oAuthClientSecret”: “$.secrets.0135d41c-3d23-417a-96eb-8604587e0488”,
“oAuthCredentialLocation”: “oAuthInHeader”,
“oAuthTokenUrl”: “https://{Tenat}.api.identitynow.com/oauth/token”,
“requestContentType”: “json”,
“url”: “https://{Tenat}.identitynow.com/v3/tagged-objects”,
“urlParams”: {
“id”: “{{$.loop.loopInput.id}}”,
“tags”: “WORKFLOW_TEST_NCD”
}
},
“displayName”: “”,
“nextStep”: “Verify Data Type”,
“type”: “action”,
“versionNumber”: 2
},
“Send Email”: {
“actionId”: “sp:send-email”,
“attributes”: {
“body”: “{{$.getIdentity.attributes.displayName}}\n{{$.getIdentity.attributes.manager}}\n{{$.getIdentity.emailAddress}}”,
“context”: {},
“recipientEmailList”: [
“”
],
“subject”: “NCD WF Test AD -Tagged Entts”
},
“description”: null,
“displayName”: “”,
“nextStep”: “End Step - Success 2”,
“type”: “action”,
“versionNumber”: 2
},
“Verify Data Type”: {
“actionId”: “sp:compare-unary”,
“choiceList”: [
{
“comparator”: “IsPresent”,
“nextStep”: “Get Identity”,
“variableA.$”: “$.hTTPRequest.body.objectRef[?(@.attribute == \“id\”)]”
}
],
“defaultStep”: “End Step - Failure”,
“description”: “Check if there are matching tagged entitlements”,
“displayName”: “”,
“type”: “choice”
}
}
},
“description”: null,
“displayName”: “”,
“nextStep”: “End Step - Success”,
“type”: “action”,
“versionNumber”: 1
}
}
},
“creator”: {
“type”: “IDENTITY”,
“id”: “db0e92b8cecf4671ac303ad8d9a9e521”,
“name”: “Ramomohan Naidu”
},
“trigger”: {
“type”: “EVENT”,
“attributes”: {
“filter.$”: “$.entitlementChanges[].added[]”,
“id”: “idn:native-change-account-created”
}
}
}
Have you tried this in your send email action?
{{$.trigger.identity.name}}
{{$.trigger.identity.id}}
{{$.trigger.identity.manager.name}}
{{$.trigger.eventType}}
{{$.trigger.account.name}}
Regards
Ankush
Why are you using a workflow when there is a default email template for new account creation?
Hi Ankush, yes, we tried but no result.