Hello all,
I have a requirement that i need to load the NERM system with all the managers / users in IDN so that when a user does a search in the Form for creating a new user, they can find the correct manager before they submit. Is there a way to push all that data to NERM every day via API? I think i want to use the profiles API but I am not even sure this is possible with NERM currently.
You can definitely use the /profiles API to load the data in the NERM. To push the incremental data, you can use the API or you can do it via a powershell script.
Sample request body using /profile endpoint {
“profile”: {
“name”: “MSP APIUser2”,
“profile_type_id”: “8ed995d7-0d06-4c3a-9a1f-774fc7b2db1d”,
“status”: “Active”,
“id_proofing_status”: “pending”,
“archived”: false,
“attributes”: {
“first_name”: “MSP”,
“email”: “[email protected]”,
“last_name”: “APIUser2”,
“person_id”: “P000006”
}
}
}
In case this helps
Thank you Sunny. This is where i was going but was not quite sure as it not really spelled out yet in NERM as it is in IDN or IIQ. So then when i just do a identity profile to send the data over or run a daily agg to bring the data over to NERM. This would be so much easier if NERM had connectors ability to set aggs
NERM doesn’t have concept of connector, the product relies on push rather pulling the data.
Sharing in case if this helps
SecZetta-Non-Employee-Authoritative-Source-for-SailPoint-IdentityNow.pdf
QQ I am pulling the data from profiles to IDN but only getting the first 5. I am not getting the nested attribute level. Where user data is i need like first , last email etc. . My root path is $.Profiles[*] any tips or ideas. I Actually, never have had to go this deep before
A common config against /profiles has these IDN config (same applies to IIQ):
and for the paging (adjust your url as needed):
have you tried using profiles[].attributes.email, profiles[].attributes.first_name etc
So, it ended up being which the API documents and other white sheets tell you clearly is that anything in after the attribute object must have that Infront of it like you mentioned.
so, email is really “attribute.email” Anything like UID, ID etc. before that object just can be called out as it reads. needless to say, thank you for sticking with me on this. have a little more rust on the old Api front that i like to this round. lol
Now I need to create a push to NERM from IDN to populate all the managers.so they can be current and in the drop down when a form is filled out… THat is one huge option i have always asked for before it was NERM.
