POST /api/source/loadAccounts

tdelorge-mmb · May 30, 2024, 7:50am

Hello Diannjah,

Welcome on the road

It really depends on your environment:

Updated by Sailpoint:

All api call made by the IDN front UI.
Postman collections (if you have custom ones, of course to do yourself).(Postman)

Update by you:

IDN workflows that use the “HTTP Request” action to call one of the old api. (don’t work now for the new endpoint, see Colin response here : POST /api/source/loadAccounts - #123 by colin_mckibben)
If you’ve configured an IDN WebService source in IDN to add IDN rights to users.
If you have external tools that call on these endpoints (powershell scripts, python, etc.).
Maybe in some rules ? (I have not encountered the case, not sure)

As a reminder, you can find all the depreciated api at : Latest Identity Security Cloud (ISC)/Non-Public API Deprecations topics - SailPoint Developer Community

For the technical replacement itself: you’ll find numerous examples in the feed, depending on the case. But don’t hesitate to jump in if you need help. (POST /api/source/loadAccounts - #106 by tdelorge-mmb)

Hope it’s helped,
Thomas

swcoleman · May 30, 2024, 12:10pm

@colin_mckibben thanks for the clarification. I am assuming that’s going to get fixed before the private API is depreciated. Or it needs to get fixed in the UI.

dcoleman · May 30, 2024, 1:09pm

Hi Thomas,

Thank you for the information, this is very insightful and will help me a lot. Appreciate it.

colin_mckibben · May 30, 2024, 6:49pm

@swcoleman Engineering has opened a ticket (ISCAIM-23238) to provide a solution that allows disableOptimization to be used in Workflows. They are looking at two possible solutions.

Support x-www-form-urlencoded as an additional content type, which workflows supports. This would be how the CC API currently behaves: it supports both form-data and x-www-form-urlencoded.
Make disableOptimization a query parameter, which workflows supports.

Engineering will try to release this enhancement before /api/source/loadAccounts is turned off.

asmith · May 30, 2024, 6:56pm

Hey guys,

I was attempting to use this API with client credentials set up via the API Management in ISC an kept getting a 500 error, other beta endpoints appear to be working fine using client credentials. Switching this over to using a PAT instead appeared to fix the issue. Is this endpoint configured to only use a PAT?

colin_mckibben · May 30, 2024, 7:06pm

Welcome to the Developer Community Alec. Yes, this API requires a user context, which means either a PAT or an Oauth token with AUTH_CODE grant type. You can usually tell which endpoints require a user context (AKA PAT) if they call out specific user levels in the description. In the case of this endpoint, it states that one of the following user levels are needed.

A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.

gsanr · May 30, 2024, 7:16pm

@colin_mckibben I think that is by far not correct that there is even the possibility of the old endpoint being shutoff without a proper replacement in place and without giving time to your clients to make the necesary changes.

This particular case does not affect us, but you have already shutdown other endpoints without a proper replacement (import entitlements or get pending tasks for example) without providing a proper replacement.

I will be raising this with our CS and I have already done it to Christopher Caruso (on the Customer Satisfaction & Effort Survey).

I think Sailpoint is not handling this API replacement process in a proper way.

Gustavo

colin_mckibben · May 31, 2024, 2:34pm

A post was split to a new topic: /beta/sources/:id/load-accounts

RRLatFlinders · June 3, 2024, 5:26am

I’d like to recommend to everyone in this chat that they raise the concern over the replacement for a production endpoint being a /beta endpoint with their Customer Success Manger or equivalent SailPoint representative if they haven’t already done so.

We’ve been able to see while testing the behaviour of the replacement endpoint that there has been a change (likely related to troubleshooting and fixing a bug/permission issue) between last week and this week without any notification about it. Have a look at The documented scope for /beta/sources/:id/load-accounts doesn't work - #4 by RRLatFlinders for the details.

swcoleman · June 3, 2024, 4:26pm

@colin_mckibben i liked your post until the last line. I don’t think that “try” to release before the current API is turned off is acceptable. Not having this feature is going to create work by my team and cycles in our tenant as IDN tries to do things that either were manually done or that IDN just can’t do automatically yet. I know you are just he messenger but to take away things before they are fully replaced isn’t acceptable.

@gsanr that is an excellent idea.

MeghaM · June 6, 2024, 7:35pm

When I tried to run the replacement for the API :cc/api/source/loadAccounts, “/beta/sources/:id/load-accounts”,I am getting “500Internal Server Error”.In the body part have added the csv file.See the screenshots below . Please help us to understand how we can use it and call the API “/beta/sources/:id/load-accounts” from postman to do a source aggregation.

gsanr · June 6, 2024, 7:56pm

Hi @MeghaM ,

The only thing I notice is that you are missing “file” as the Key for the file. Besides that, check if the credentials you are using are for a user or an API (it must be a user one)

Gustavo

colin_mckibben · June 10, 2024, 3:30pm

A post was split to a new topic: Integrating the beta load accounts API with a web services connector

jishnu_suresh · June 11, 2024, 10:15am

Hi SailPoint Team,

What is the latest update on this? when is the final date for deprecating the cc api’s. please give an exact confirmation on this.

Thanks,
Jishnu

colin_mckibben · June 11, 2024, 1:13pm

This particular endpoint is scheduled to be turned off this month. The exact date may vary as we are turning APIs off in batches to prevent widespread issues. If anyone is still using the CC version of this API, I highly recommend you migrate to the beta ASAP.

swcoleman · June 11, 2024, 1:31pm

Colin, the issue with migrating to the new public endpoint is that we can’t trigger an unoptimized aggregation with it yet, at least via workflows; and that’s our use case. I can’t migrate to something that doesn’t meet my use case at this point.

colin_mckibben · June 11, 2024, 1:35pm

There is an engineering ticket being worked on that will enhance the beta API to work with Workflows (ISCAIM-23238). No firm ETA yet.

edmarks · June 11, 2024, 1:51pm

Then it’s an easy decision - Delay the disablement of the existing until a valid replacement is available and gone through the testing.

It’s clear this is the most talked about API by far and yet the left hand doesn’t seem to be aligned with the right hand which means SailPoint’s customers suffer in the end which doesn’t seem right to me.

MeghaM · June 11, 2024, 2:17pm

Please provide the screenshots from Postman if you tried this in Postman.

When I tried to do this from postman,I am getting 500 Internal Server Error.
Please go through the screenshots and make me uderstand where I have gone wrong.

tdelorge-mmb · June 11, 2024, 2:43pm

Could you try by replacing “:id” in the url by id of your source ?

Can be found via web ui :