I am having a very similar issue to this archived issue from a couple years ago: JSONPath expression to find elements in array based on nested array values
I am trying to create a Workflow Provisioning Completed Trigger filter that will only fire based on if the provisioning event’s accountRequests.attributeRequests object contains certain string field values. I have read the documentation here, though I find it a bit unclear as to what fields and what exactly a filter trigger should “return” (other than to contain at least one [?()] operator that evaluates to true). I think more detailed functional examples would be helpful.
I’ve also been testing with the evaluator tool, and that is where I’m currently unable to come up with a solution.
Here is an example of the event that would get fed to my workflow:
{
“_meta”: {
“invocationId”: “3af7adf6-ff7c-4d56-b9c4-afcb09ed6f8b”,
“subscriptionId”: “e1bafe71-009c-4531-ab97-8d8fa9e7031b”,
“triggerType”: “FIRE_AND_FORGET”
},
“accountRequests”: [
{
“accountId”: “005WB00000BXzMiYAL”,
“accountOperation”: “Modify”,
“attributeRequests”: [
{
“attributeName”: “PermissionSet”,
“attributeValue”: “0PS1I000000WqAvWAK”,
“operation”: “Remove”
},
{
“attributeName”: “ProfileId”,
“attributeValue”: “00e1I000000mVifQAE”,
“operation”: “Remove”
},
{
“attributeName”: “Role”,
“attributeValue”: “00E1I000000U8OxUAK”,
“operation”: “Remove”
},
{
“attributeName”: “ProfileId”,
“attributeValue”: “00e1I000000NaYTQA0”,
“operation”: “Add”
}
],
“provisioningResult”: “failed”,
“provisioningTarget”: “Salesforce - Dev2”,
“source”: {
“id”: “81d56e0e60ab4a6fb23233cc93b77f14”,
“name”: “Salesforce - Dev2”,
“type”: “SOURCE”
},
“ticketId”: null
},
{
“accountId”: “004280”,
“accountOperation”: “Modify”,
“attributeRequests”: [
{
“attributeName”: “assignedRoles”,
“attributeValue”: “SalesForce Permission Set Report/Dashboard User [cloudRole-1753821822844]”,
“operation”: “Remove”
},
{
“attributeName”: “assignedRoles”,
“attributeValue”: “SalesForce Profile IT User [cloudRole-1753821800679]”,
“operation”: “Remove”
},
{
“attributeName”: “assignedRoles”,
“attributeValue”: “SalesForce Role IT Employee [cloudRole-1753814707901]”,
“operation”: “Remove”
},
{
“attributeName”: “assignedRoles”,
“attributeValue”: “SalesForce Profile Read Only User [cloudRole-1753821802860]”,
“operation”: “Add”
}
],
“provisioningResult”: “IdentityNow Task”,
“provisioningTarget”: “IdentityNow”,
“source”: {
“id”: “IdentityNow”,
“name”: “IdentityNow”,
“type”: “SOURCE”
},
“ticketId”: null
}
],
“action”: “Identity Refresh”,
“errors”: [
“[ConnectorError] Attribute level errors occurred during update operation. Please refer logs for more details. (requestId: 9fd50fe421d74c69af8ee1532b3537c5)”
],
“recipient”: {
“id”: “a4cad2ca02334a41a8501c7bf1370502”,
“name”: “Ian McKenzie”,
“type”: “IDENTITY”
},
“requester”: null,
“sources”: “IdentityNow, Salesforce - Dev2”,
“trackingNumber”: “5e769fda5f554ccc9be1ef879bdb8577”,
“warnings”:
}
With that, I am attempting to use this filter:
$.accountRequests[?(@.provisioningTarget =~ /Salesforce.*/ && @.provisioningResult == “failed” && @.attributeRequests[?(@.attributeName == “ProfileId” && @.operation == “Remove”)])]
This “looks” like it works, but it seems as if the @.attributeRequests[?()] section is effectively ignored, because if I change “ProfileId” to something “wrong” like “xxxProfileId”, it still returns the accountRequest object.
I have attempted various other solutions, such as by appending “.length() > 0” onto the end of the nested filter operator, by trying to use “empty false” after it, and by using the contains operator on a single field. None have worked thus far. It is unclear to me from the linked Workflow github JSONPath library fork docs if the concept of operating on nested arrays is supported at this time. Can anyone help with understanding if this is supported for Workflow trigger filters and if so, how?
Thanks!