Official Sailpoint powershell SDK help

egonzalez · May 8, 2023, 4:52am

Hi, I am using the official sailpoint powershell sdk to try and update roles and create new roles with criteria. I am stuck on the following error. Not sure where to go from here. Any help would be appreciated.

{"messages":[{"localeOrigin":"DEFAULT","text":"The request was syntactically correct but its content is semantically invalid.","locale":"en-US"},{"localeOrigin":"REQUEST","text":"The request was syntactically   
     | correct but its content is semantically invalid.","locale":"en-US"}],"detailCode":"400.1 Bad request content",

$RoleBody = '{
    "id": {},
    "name": "Office 1",
    "description": "Office Role",
    "owner": {
      "type": "IDENTITY",
      "id": "52465dhfdhdfhejrt53y43y",
      "name": "user1"
    },

    "membership": {
            "type": "STANDARD",
            "criteria":{
                "operation": "OR",
                "key":{},
                "stringValue":{},
                "children": [
                {
                    "operation": "EQUALS",
                    "key": {"type":"IDENTITY", "property":"attribute.office", "sourceid":{}},
                    "stringvalue": "1",
                    "children":{}
                }
            ]
        }
    }
}'
new-role -role $RoleBody

tyler_mairose · May 8, 2023, 2:26pm

Hello @egonzalez !

Welcome to the SailPoint Developer Community!

The New-Role Cmdlet is expecting a PSCustomObject for an input, the default json wont work.

Try using the script below which converts the json object into a PSObject before passing into the Cmdlet. I also changed a few values in the criteria section of your json object. The key if not provided should be null, and the stringValue an empty string. Once I changed those I was able to create the role using the PowerShell SDK.

Let me know if this works for you!

$RoleBody = @"
{
    "name": "Office 1",
    "description": "Office Role",
    "owner": {
      "type": "IDENTITY",
      "id": "52465dhfdhdfhejrt53y43y",
      "name": "user1"
    },

    "membership": {
            "type": "STANDARD",
            "criteria":{
                "operation": "OR",
                "key": null,
                "stringValue": "",
                "children": [
                {
                    "operation": "EQUALS",
                    "key": {"type":"IDENTITY", "property":"attribute.office", "sourceid":""},
                    "stringvalue": "1",
                    "children":[]
                }
            ]
        }
    }
}
"@

$Role = ConvertFrom-Json $RoleBody

try {
    New-Role -role $Role
} catch {
    Write-Host ("Exception occurred when calling New-Role: {0}" -f $_.ErrorDetails)
    Write-Host ("Response headers: {0}" -f $_.Exception.Response.Headers)
}

egonzalez · May 9, 2023, 3:21am

Hey Tyler,

I was able to replicate that in my sandbox. Thanks for the help. I really appreciate it.
Do you have any sailpoint links that provide similar examples of creating membership criteria using the official powershell sdk?

thank you

Topic		Replies	Views
Sailpoint Beta API add user to role request body ISC Discussion and Questions	5	1175	July 19, 2023
Official PowerShell IdentityNow SDK - (Unofficial QuickStart Guide) ISC Show and Tell apis	11	1087	April 16, 2024
IdentityNow: Patch Role membership criteria ISC Discussion and Questions	5	723	July 19, 2023
Objects to be used with Sailpoint.Utils.objects.AccountRequest ISC Discussion and Questions identity-security-cloud	3	535	June 21, 2023
Powershell api issue not able to reach to tenant URL ISC Discussion and Questions identity-security-cloud , powershell-sdk	7	233	March 7, 2024

Official Sailpoint powershell SDK help

Related Topics