Python script to disable optimization for a source aggregation

This script allows to run a non-optimized aggregation. All aggregations are optimized unless you generate an aggregation through the API with disableOptimization set to true. A non-optimized aggregation allows for correlation of accounts that are not evaluated when data hasn’t changed. If you modify your correlation logic, running a non-optimized aggregation will evaluate all accounts. Other possible reasons to attempt to run this is when data issues may seem to be present between the source and the account data from the source.

See this link for more information: Loading Account Data - SailPoint Identity Services

This logic is using the internal cc API and may be deprecated soon.
If you have a way to do this with the V3 or beta API, please share.
If you are using this on a non-standard tenant URL, please update the base url in the script.

Note: Before running the script make sure you are using a PAT that has sufficient authorization. I used admin for my testing with the PAT scope being set to “sp:scopes:all”. Make sure to gather the cloudExternalId for the source. I do this by using the vscode IdentityNow plugin, go to the source and look for the value.

After running the script you should see a success. If so, go to the UI and look at the aggregation, and you should see that it kicked off an aggregation. After the aggregation completes click on the information icon and you will see that it ran with optimization disabled. It will take longer than a normal aggregation.

import requests
import getpass

# Prompt the user to enter the necessary variables
print("Trigger an aggregation for a source with optimization disabled. (note: This is using the internal cc API and may be depricated)")
client_id = input("Please enter your client ID: ")
client_secret = getpass.getpass("Please enter your client secret: ")
client = input("Please enter your tenant name (example: acme-sb is what you would enter if the full URL is https://acme-sb.identitynow.com): ")
base_url = f"https://{client}.api.identitynow.com"
source = input("Please enter the cloudExternalId for the source you need to aggregate. \n To find this, use the vscode SailPoint extension, highlight the source and find the value")
url = f"{base_url}//cc/api/source/loadAccounts/{source}"

# Get an access token
auth_url = f"{base_url}/oauth/token"
auth_data = {
    "grant_type": "client_credentials",
    "client_id": client_id,
    "client_secret": client_secret,
}
auth_response = requests.post(auth_url, data=auth_data)
print(auth_response)

# Extract the access token from the response
access_token = auth_response.json()["access_token"]
#print(access_token)


headers = {
    'Authorization': f'Bearer {access_token}',
    'Accept': 'application/json',
    'Content-Type': 'application/json'
}

payload = '{"disableOptimization": true}'

response = requests.request("POST",url, headers=headers, data=payload)

if response.status_code == 200:
    data = response.json()
  
else:
    print(f"Request for sources failed with status code: {response.status_code}")
    print("Response content:", response.text)

Hello,
thanks for sharing, we just have to watch out for the deprecated API call scheduled for the end of June!

1 Like

If you use this sailpoint module is also has support in the function. (run_acct_aggregation function docs here)