NERM Import Portal Users

Identity Security Cloud (ISC) ISC Discussion and Questions
,
1

We have a use case where we have some users we will need to import into NERM. They will act as portal users that will request/approve contractors. We have already implemented a registration process for the portal but since there are over 100 users already that we will need to have access to NERM, we are looking for a way to bulk import them at once.

There is an option to import them as users but how can we make them portal users? They will need to be portal users to SSO into NERM using the portal URL.

Thanks in advance!

2

This can be achieved by configuring a workflow as “Bulk Import Usage”, where in the workflow you can utilize the NERM API’s to create them an identity profile and then you can create them a collaboration account with the role you desire they have. Be sure to make sure they have the group that you have configured within your IdP.

API Endpoint to utilize for creating Collab users → submit-user | SailPoint Developer Community

Let me know if you have any questions.

3

Hi Colton,
Thanks for your reply. I’m guessing the workflow type would be Registration. How can we parse through the file that we have with the users and have the workflow read each user and make an account for them? Would the workflow automatically go through each user in the file (csv file) and do the actions in the workflow for them?

4

Let me provide a bit more detail.

This would be a Create Workflow with the “Bulk Import Usage” enabled. By doing this you can upload a CSV file to create Identity profiles for the users, and then use the aforementioned API endpoint in my previous comment to Create a Collaboration account for them. This Bulk Import functionality allows you to map the CSV headers to NERM attributes. The system essentially processes each row separately, so if one row failed for any reason it would still process the other records/rows.

Documentation for how/what Bulk Import workflows can be found here → New Capability: CSV Profile Import for Business Users!

Hope this clears it up!

2 Likes
5

So if I understand correctly, the API creates a collaboration account for them? In the earlier reply you mentioned that the API creates an identity profile. If it creates a collaboration account, how do we determine which portal they will be a part of?

6

So if I understand correctly, the API creates a collaboration account for them?

  • Yes

In the earlier reply you mentioned that the API creates an identity profile.

  • I reread my response. To clarify, let the workflow create the identity profile. Then use the linked API to create them a collaboration portal user.

If it creates a collaboration account, how do we determine which portal they will be a part of?

  • Driven by the roles(group_strings) assigned to the user.

Let me know if you have follow up questions

7

Thanks for the reply. I think we can work around that by JIT provisioning when accounts SSO. Currently testing it but it looks like it is working.

The workflow with Bulk Import Usage and the API to create collaboration users are useful for future use anyways. So thank you for that. I’ll let you know how our testing will go.

1 Like