Put-source-attr-sync-config - 400 - Identity Profile Attribute Missing

Identity Security Cloud (ISC) ISC Discussion and Questions
, , ,
1

I’m having an issue adding an identity attribute to my SalesForce attribute sync.

I have an identity attribute called Work Phone Number (workPhone)

image
image698×124 3.18 KB

Here is my request body

{
    "attributes": [
        {
            "enabled": false,
            "displayName": "att_email",
            "name": "email",
            "target": "Email"
        },
        {
            "enabled": false,
            "displayName": "Preferred Name",
            "name": "preferredName",
            "target": "FirstName"
        },
        {
            "enabled": false,
            "displayName": "att_last_name",
            "name": "lastname",
            "target": "LastName"
        },
        {
            "enabled": false,
            "displayName": "att_email",
            "name": "email",
            "target": "FederationIdentifier"
        },
        {
            "enabled": false,
            "displayName": "Employee Number",
            "name": "identificationNumber",
            "target": "PersonnelNumber__c"
        },
        {
            "enabled": true,
            "displayName": "Work Phone Number",
            "name": "workPhone",
            "target": "Phone"
        },
        {
            "enabled": true,
            "displayName": "Business Mobile Phone Number",
            "name": "businessMobilePhoneNumber",
            "target": "MobilePhone"
        }
    ],
    "source": {
        "id": "b410eb81d4b04e8f8c21211f93804672",
        "type": "SOURCE"
    }
}

And the response

{
    "messages": [
        {
            "localeOrigin": "DEFAULT",
            "locale": "en-US",
            "text": "Validation failed with following errors: Identity Profile is missing attribute with display name \"Work Phone Number\""
        },
        {
            "localeOrigin": "REQUEST",
            "locale": "en-US",
            "text": "Validation failed with following errors: Identity Profile is missing attribute with display name \"Work Phone Number\""
        }
    ],
    "detailCode": "400.1 Bad request content",
    "trackingId": "3d3ac21d06fd4dd6a2150560d97654bf"
}
2

So this is weird… even though I got a 400, I see it in the attribute sync now.

image
image1098×330 11.1 KB

but the displayName value is different…

{
    "attributes": [
        {
            "displayName": "Work Phone",
            "enabled": true,
            "name": "workPhone",
            "target": "Phone"
        },
        {
            "displayName": "Business Mobile Phone Number",
            "enabled": true,
            "name": "businessMobilePhoneNumber",
            "target": "MobilePhone"
        },
        {
            "displayName": "att_email",
            "enabled": false,
            "name": "email",
            "target": "Email"
        },
        {
            "displayName": "Preferred Name",
            "enabled": false,
            "name": "preferredName",
            "target": "FirstName"
        },
        {
            "displayName": "att_last_name",
            "enabled": false,
            "name": "lastname",
            "target": "LastName"
        },
        {
            "displayName": "att_email",
            "enabled": false,
            "name": "email",
            "target": "FederationIdentifier"
        },
        {
            "displayName": "Employee Number",
            "enabled": false,
            "name": "identificationNumber",
            "target": "PersonnelNumber__c"
        }
    ],
    "source": {
        "id": "b410eb81d4b04e8f8c21211f93804672",
        "type": "SOURCE",
        "name": null
    }
}
3

This is interesting, did you check attribute name in Identity Profile config in Postman, any chance it is different from UI.

4

I’ll have to check that cc endpoint this morning

5

Work Phone Number attribute comes by default. Thought it is allowed to remove from Identity Profile.

When we create an attribute, technical name is auto populated using display name you enter in camel case.

For example:
Display Name: Alternate Mobile Number
Technical Name: alternateMobileNumber

But if you see Work Phone Number, Technical name doesn’t have Number string in it. If you list down the attributes list using

GET {{baseUrl}}/cc/api/identityAttribute/list

You see the attribute definition as below, display name doesn’t have Number in it. But in attribute sync page, you see the complete display name with Number string.

Since it is identity attribute, we use in create provisioning policy form with mapping as identity attribute, we get the config in sync by default, so we didn’t come across this issue.

Resolution: SailPoint should avoid this kind of discrepancies.

{
        "displayName": "Work Phone",
        "extendedNumber": null,
        "multi": false,
        "multiValued": false,
        "name": "workPhone",
        "namedColumn": false,
        "searchable": false,
        "silent": false,
        "sources": [
            {
                "properties": {
                    "ruleName": "Cloud Promote Identity Attribute",
                    "ruleType": "IdentityAttribute"
                },
                "type": "rule"
            }
        ],
        "standard": false,
        "system": false,
        "targets": [],
        "type": "string"
    }

Thanks
Krish

6

Yeah, very strange. I have no idea why it’s that way, but at least we have it documented here :grinning:

7

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.