Pull identity's role membership via API

jbrumley · November 25, 2024, 4:51am

Which IIQ version are you inquiring about? 8.2p3

Are there any available options to pull an identities role membership via API? In the documentation it looks like roles could be used in the attributes query, but I haven’t been able to get it to work. Can anyone help provide what the API call would look like if roles can be pulled for a specific identity?

soswain_resmed · November 25, 2024, 5:48am

Hi @jbrumley ,

I don’t think there are any direct APIs to get the role memberships.
You can use below options:

Role membership reports.
DB query by joining bundle and identity related tables.

Customization:

You can create your own API or rule.
Create a Rest endpoint for the same

Hope this helps.

Thanks
Sam

bhanuprakashkuruva · November 25, 2024, 10:41am

Hi Justin,

I think whatever you looking for it is having in APIs lists. Maybe you can check this. If this is not going to useful, then you have to develop your own REST API to achieve it.

https://community.sailpoint.com/t5/Technical-White-Papers/IdentityIQ-REST-API-Integration/ta-p/76814#toc-hId-557493126

Arpitha1 · November 28, 2024, 8:17am

Hi @jbrumley

The query parameter “attributes” is used to retrieve a list of attributes from the user profile through API response object. You can find more details in the get-users | SailPoint Developer Community

Now, regarding potential solutions:

One option is to define your own custom REST endpoint.
A simpler approach, in my opinion, would be to develop a custom workflow. This workflow would take the role name as an input variable, calculate its members, and return the result. You can invoke this workflow via the API using the launch-workflow | SailPoint Developer Community

system · January 27, 2025, 8:18am

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.