I would like to understand how to refresh a single identity within a workflow. Specifically, I am implementing a name change workflow
Sequence Followed:
HR updates the name in the HR source.
Source aggregation is scheduled every 2 hours.
AD adopts the name change (AD aggregation is hourly) and syncs with AAD.
AD writes back the new email to the HR source.
Email notifications are sent to the respective owners, informing them of the name change (including the old name, new name, and new email generated from CN=).
HR aggregation captures the new email.
Challenge:
The timing is an issue because HR aggregation runs every 2 hours, and AD aggregation is hourly. Therefore, we need to refresh the identity before the email notifications are sent out.
If you have an Identity Attribute in your identity profile that maps to the email address from AD, this will be updated on the Identity when the AD aggregation runs. From this you can us a workflow with the trigger “Identity Attributes Changed” looking at the email attribute and then use the action " HTTP Request" to call the API to process a list of identities by passing the IDs of the identities who’ve had their email changed.
I decided to use the Source Account Updated instead to trigger identity refresh and would then use a filter on userdn and email to trigger identity refresh. But the trigger here is failing if I add the source name in it (throws me a validation error - supplied trigger filter is invalid
It appears your filter syntax is incorrect due to the extra quotation marks.
The correct syntax should be: $[?($.sourceName==“Active Directory-Standard Users”)].Try this one.
