Populate Department value of a NERM sponsor from ISC

Identity Security Cloud (ISC) ISC Discussion and Questions
,
1

Hello Community Members

Greetings of the day.

I have a requirement in NERM where the manager’s department value needs to be assigned to the NERM user. Department value is not present in NERM, so the value should be fetched from ISC.

When the Sponsor name is selected in the NERM form, the Textbox field should populate the department of the sponsor fetched from ISC.

Thank you in advance.

3

Thanks @abhi617 for sharing the detail steps.

How can we strip off the name and keep only email to pass the email value in the search API call ?

4

What you can do is do in a ‘Set Attribute Values’ step, choose the following (just an example, update as per your config):

image
image806×169 9.06 KB

That will pick up just the email from the user account that you selected as the sponsor.

Another option is to sync all your optional sponsors as a profile as well and keep the data in NERM. This, however, might be a bit too much, but depends on the use case you have.

1 Like
5

The sponsor value format is John Smith (john.smith@company.com) — the email is always between ( and ). In a NERM workflow Script step you can extract it like this:

var sponsor = $.sponsor; // e.g. "John Smith (john.smith@company.com)"
var email = sponsor.substring(sponsor.indexOf('(') + 1, sponsor.indexOf(')'));
return email; // john.smith@company.com

Then pass that email variable into your REST call query string.

6

Hi @abhi617

Where can this script I need to write?

7

Edwin Sauve’s approach to get the Email from a sponsor is also what I would recommend.

I am unsure what Abhilash is referencing, but there is no “Script” step within NERM - there is no direct coding interface in the product..

What you could do, if making a request to ISC from NERM using a REST API action like Abhilash suggested here:

is to use Liquid syntax within the API request body for the query as shown above (more on how to use Liquid in NERM here: Liquid Template language use in NERM - Identity Security Cloud (ISC) / ISC Community Knowledge Base - SailPoint Developer Community)

Breaking down: {{ attribute.sponsor.email }}

  • attribute: pulls attribute values from the current workflow session
  • sponsor: references the specific attribute. This is the UID of the attribute, so could be sponsor, sponsor_ne_attribute, sponsor_contributor_select, etc… whatever the UID was set to when the tenant was configured.
  • email: this is the value from the attribute we want to take. Since Sponsor is a Contributor Select / user object, we can pull the id, name, email, or login from it

So, if the value of “sponsor” was John Smith (john.smith@company.com) , the above liquid would return just john.smith@company.com - resulting in a body like:

1 Like
8

Hi @ZackTarantino-Woolson & @abhi617 & @sauvee :

Thank you so much for sharing your suggestions and it worked for me. I need one more help on REST API side. While I added the REST API action , Workflow is getting failed and it seems misconfiguration of API steps.
Please help to resolve this issue to meet my deadlines.

Below is the configuration done to the tenant.

image
image2476×1562 224 KB

image
image1742×1002 49.3 KB

9

What is the error message in the Workflow session?

If its a 401 - With OAuth2, I’m fairly certain you do not need to enter an Authorization header. The Authentication steps preceding the call will generate the token and utilize that in the background.

1 Like
10

Getting the following error message.

Sailpoint html, body { height: 100%; } body { font-family: "Source Sans Pro", -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif; margin: 0; background-color: #f3f6f8; display: flex; flex-direction: column; } header { height: 60px; width: 100%; display: flex; align-items: center; justify-content: center; border-bottom: 1px solid #dfe3e7; background-color: white; box-shadow: 0px 3px 6px 0px rgba(0, 0, 0, 0.16); } header img { height: 25px; } main { flex: 1; padding: 64px; display: flex; align-items: center; justify-content: center; } h1 { font-size: 2.5rem; margin-top: 0; margin-bottom: 0.5rem; } p { margin-bottom: 1rem; } .not-found-page__content { display: flex; flex-direction: column; justify-content: center; align-items: center; gap: 32px; } .not-found-page__content img { min-width: 120px; } .not-found-page__content .message { width: 30vw; min-width: 320px; text-align: center; } .empty-state { width: 234px; height: 234px; }

Page not found

The page does not exist or you do not have permission to view it.

↵\' 
<!-- Copyright (C) 2018 SailPoint Technologies, Inc.  All rights reserved. -->

<html class="no-js">
	<head>
		<meta charset="utf-8" />
		<meta http-equiv="X-UA-Compatible" content="IE=edge" />
		<title>Sailpoint</title>
		<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />
		<meta name="robots" content="none" />
		<link
			rel="icon"
			sizes="32x32"
			href="https://assets.sailpoint.com/cloud-ui-static-assets/perpetual/sailpoint/favicons/2.0/favicon-32x32.png"
		/>
		<link
			href="https://assets.sailpoint.com/cloud-ui-static-assets/perpetual/fonts/1.0/styles/combined.css"
			rel="stylesheet"
		/>
		<style type="text/css">
			html, body {
				height: 100%;
			}
			body {
				font-family: "Source Sans Pro", -apple-system, BlinkMacSystemFont, "Segoe UI",
				             Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif;
				margin: 0;
				background-color: #f3f6f8;
				display: flex;
				flex-direction: column;
			}
			header {
				height: 60px;
				width: 100%;
				display: flex;
				align-items: center;
				justify-content: center;
				border-bottom: 1px solid #dfe3e7;
				background-color: white;
				box-shadow: 0px 3px 6px 0px rgba(0, 0, 0, 0.16);
			}
			header img {
				height: 25px;
			}
			main {
				flex: 1;
				padding: 64px;
				display: flex;
				align-items: center;
				justify-content: center;
			}
			h1 {
				font-size: 2.5rem;
				margin-top: 0;
				margin-bottom: 0.5rem;
			}
			p {
				margin-bottom: 1rem;
			}
			.not-found-page__content {
				display: flex;
				flex-direction: column;
				justify-content: center;
				align-items: center;
				gap: 32px;
			}
			.not-found-page__content img {
				min-width: 120px;
			}
			.not-found-page__content .message {
				width: 30vw;
				min-width: 320px;
				text-align: center;
			}
			.empty-state {
				width: 234px;
				height: 234px;
			}
		</style>
	</head>
	<body>
		<header>
			<img src="upload://qE62MSQkw1GxnemZJjtNjg5Ho7M.png">
		</header>
		<main>
			<section id="not-found-page__content" class="not-found-page__content">
				<img src="/images/lighthouse.svg" class="empty-state" alt="" role="presentation">
				<section class="message">
					<h1>Page not found</h1>
					<p>The page does not exist or you do not have permission to view it.</p>
				</section>
			</section>
		</main>
	</body>
</html>↵\'
11

Here is the image of the error.

image
image1978×628 157 KB

My REST API config is below after your suggestion.

image
image1978×1312 145 KB

image
image1978×1272 120 KB

Please correct me if any of the above configuration requires modification.

12

Thank you so much team. I could fetch the deparmtent value from ISC using REST API workflow acion.