Reading multiple json entries into one account

Hi all!

Hope you all are doing well.
I’m trying to integrate a web service connector that hits an API which contains a record for each access a person has.
For example, I was able to request and give three different accesses from SailPoint, everything worked pretty good. Then, I noticed that it was bringing me only one permission when I ran the account aggregation. Then, through Postman I saw that there were multiple records, each one for a different permission (One json record for DEV, one json record for Viewers, and so on).
Reached out to the app’s owner and he told me that in the app it’s ok, that there’s only one account, but in the json response will have a record for each access the user has.
Is there a way to merge or make SailPoint understand that each entry of the same user is for the same account and it only needs to pay attention to the entitlements?

If helps, there’s only one API to read the accounts and entitlements, and the records I was describing above are kinda like these:
{
“id”:“jf01”,
“name”:“John Frusciante”,
“firstName”:“John”,
“lastName”:“Frusciante”,
“entitlement”:“Guitar”
},
{
“id”:“jf01”,
“name”:“John Frusciante”,
“firstName”:“John”,
“lastName”:“Frusciante”,
“entitlement”:“Vocals”
}

The only thing that changes between both records are the entitlements.

Thank you all in advance!
Best regards,
Nico.

I don’t think this can be done with Web Services unless you write an After Rule to change how the data is being read into IDN. Without a Rule, Web Service will read in the first record, then replace that record with the second record, and so on. So only the last one read in would be kept. With an After Rule, you could look at the raw data stream, and program it to add each entitlement to an array before having it processed by IDN.

If this source can be reached by the internet, you might want to explore writing a SaaS connector instead.

1 Like

On top of @Carlatto response,

I would say, check with your API developers, this response doesn’t make any sense to me. They should fix this.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.