SailPoint IdentityNow VS Code Extension Now Available

colin_mckibben · July 5, 2022, 3:20pm

Yannick Beot and Cristian Grau have released the SailPoint IdentityNow Visual Studio Code extension that makes managing IdentityNow easier than ever. Here are the main operations that you can perform with this extension.

Connect to several tenants
Export config of a tenant
View, edit, aggregate or reset sources
View, create, edit, delete, and test transforms
View, create, edit, delete provisioning policies of a source
View, create, edit, delete schemas of a source
View, edit, enable, disable, and test workflows and view execution history
View, create, edit, delete connector rules and export/import the script of a rule

If you would like to contribute code, ideas, or bug reports, please check out their GitHub repo.

thibault_dlm · July 5, 2022, 3:38pm

I’m using it for a few weeks now and that’s a very useful tool ! Well done Team

fernando_delosrios · July 5, 2022, 3:50pm

Best thing after tin loaf. Superb!

chirag_patel · July 6, 2022, 12:56pm

This is great. While I was trying to use it, not sure how can I update/edit transforms. Did I miss anything in documentation?

colin_mckibben · July 6, 2022, 12:57pm

I think when you make changes and save in the editor, it automatically updates the transform in IDN. You can verify by making an edit and saving, then close the tab, refresh the transform list, and open the transform again.

cristian_grau · July 6, 2022, 1:17pm

Indeed, if you save the object it’s automatically uploaded to the tenant. However, you can evaluate transforms without saving. Right click and “Evaluate”

pkgupta1 · July 6, 2022, 1:21pm

Any plans of extending the tools to more objects like Access Profiles, Roles etc

sholinaty · July 6, 2022, 2:29pm

This is amazing so far, thank you for the effort you have put into this!

One oddity I have noticed is, I don’t seem to be able to have more than one file open as tabs easily?
no matter what I click on in the tenant, it overrides the open view, no easy Tabbing there.

however if I right click on the tab and select “Split Right”, it gives me a side-by-side, so this is not the end of the world. It would just be a nice UI Tweak if opening a tab was easier.

my goal here is to open up Tenant1 > Sources > SourceName as tab1, then open tenant2 > Sources > SourceName as tab2 so that I can stare/compare, or easily copy data from one to the other

tranetechnologies · July 6, 2022, 3:01pm

Agreed. Same thing I was trying to do!

yannick_beot · July 6, 2022, 4:17pm

The “files” are opened in preview. In the tab, the name is in italic.
If you double click on the name, the name becomes straight. So you can open another file.
There is a configuration of VSCode to remove this behavior and open files “normally”/not in preview.

ali_sadjadi · July 6, 2022, 5:07pm

My Apologies for mass email. Is there special version of VS code that I need to have?? I have :

Version: 1.65.2 (Universal)

Commit:

I have installed the extension but when I try to add the tenant nothing happens and I still see no tenant added. Same thing with client ID and secret

Any help much appreciated

sholinaty · July 6, 2022, 5:47pm

its not the simplest setup, but in that search-looking bar at the top that wants company or company.identitynow.com Is where you’d enter the values.

after you type/paste the customer in there, it will ask for your client ID
then secret.

its all in that weird bar

chrisp · July 6, 2022, 7:02pm

Did you restart VSCode after installing the extension?
I’m using version 1.68.1 on a Mac.

chirag_patel · July 7, 2022, 5:51am

I am just worried that anyone can open so many tabs in VS code and they might not be aware that they are making changes in actual production. This becomes quite concerning for those users who have habit of having so many tabs and clicking on mass close and if by mistake “save” is clicked on any of those consistent pop ups.

Overall this might be limited to my habit of using VS code but not sure if there are others.

Really appreciate this effort from old colleagues. Feels good to see IdentityNow getting attention and time.

sholinaty · July 11, 2022, 4:33pm

still loving this tool.

Question (or feature request?)
When I’m right-clicking on a transform and selecting “Evaluate”, is there a log stamped down somewhere? or only the popups in the bottom right?
for simple transforms, I get a nice little card
Screen Shot 2022-07-11 at 10.30.09 AM

But for some of my Lovecraftian monstrosities of transforms that actually cascade about 10 Different transforms, I get a ton of popups that all self-clear very fast, and no end result.

so: is there a way to view a log or text-based output of these, it would be great

yannick_beot · July 12, 2022, 12:33pm

There are logs for sure (that can be seen in the developer console for instance (Help> Toggle Developer Tools).
However, if you would like to see the result as a text based output, what do you have in mind?
We are using only VSCode component and because of that, we are limited.
Do you have an example in VSCode or another extension (with a screenshot) that would show what you are expecting?

sholinaty · July 12, 2022, 3:23pm

I hadnt even thought of Developer Tools, thank you! that DOES show me what I need.

that being said - does the Evaluate feature implement its own version of the transform function?
example: I have a “termination date” field. in IdentityNow, that is shown as 0000-00-00

when I try to evaluate a transform that includes “does TermDate == 0000-00-00”, it fails with:

Attribute 'Termination Date for account 526 in source BambooHR does not exist or is null

Which… is the point of the transform. its a conditional of:
“expression”: “$termDate eq 0000-00-00”,

it also appears that it can not evaluate a FirstValid

Cannot read properties of undefined (reading 'type')

for

{
    "id": "ID here",
    "name": "transformName",
    "type": "firstValid",
    "attributes": {
        "ignoreErrors": "true",
        "values": [
            {
                "attributes": {
                    "value": "A lookup here"
                },
                "type": "static"
            },
            {
                "attributes": {
                    "value": ""
                },
                "type": "static"
            }
        ]
    },
    "internal": false
}

cristian_grau · July 12, 2022, 5:01pm

Indeed, transform’s evaluator mimics the functionality of IDN transforms but are not the same (IDN uses java and the extension uses typescript).

I’ve tried to be as loyal as possible to IDN’s behavior but some functionalities may be missing or not implemented yet.

Could you share the transform that’s throwing the error?

Thanks

P.S: I’ve evaluated the transform from your message and it works for me

sholinaty · July 12, 2022, 7:30pm

First Up - Firstvalid

    "name": "Manager FreshService ID",
    "type": "firstValid",
    "attributes": {
        "ignoreErrors": "true",
        "values": [
            {
                "attributes": {
                    "value": "$identity.getManager().getLinksByAppIdOrName(\"appID\", \"appName []\").get(0).getNativeIdentity()"
                },
                "type": "static"
            },
            {
                "attributes": {
                    "value": ""
                },
                "type": "static"
            }
        ]
    },
    "internal": false
}

expected result: the (appname.id) of their Manager, or “”
it works in IDN, but fails with
Cannot read properties of undefined (reading 'type')
In the tool

Next up:

    "name": "Post Email Active Date - live",
    "type": "dateMath",
    "attributes": {
        "expression": "+3M/h",
        "roundUp": true,
        "input": {
            "attributes": {
                "input": {
                    "attributes": {
                        "sourceName": "BambooHR",
                        "attributeName": "termination date"
                    },
                    "type": "accountAttribute"
                },
                "inputFormat": "yyyy-MM-dd",
                "outputFormat": "ISO8601"
            },
            "type": "dateFormat"
        }
    },
    "internal": false
}

errors with

workbench.desktop.main.js:2693 RangeError: Invalid time value
	at Date.toISOString (<anonymous>)
	at Dt.dateFormat (vscode-file://vscode-app/Users/sholinaty/.vscode/extensions/yannick-beot-sp.vscode-sailpoint-identitynow-0.0.12/out/extension.js:549:22012)
	at Dt.evaluateTransformOfType (vscode-file://vscode-app/Users/sholinaty/.vscode/extensions/yannick-beot-sp.vscode-sailpoint-identitynow-0.0.12/out/extension.js:549:12722)
	at Dt.evaluateChildTransform (vscode-file://vscode-app/Users/sholinaty/.vscode/extensions/yannick-beot-sp.vscode-sailpoint-identitynow-0.0.12/out/extension.js:549:14869)
	at runMicrotasks (<anonymous>)
	at processTicksAndRejections (node:internal/process/task_queues:96:5)
	at async Dt.evaluate (vscode-file://vscode-app/Users/sholinaty/.vscode/extensions/yannick-beot-sp.vscode-sailpoint-identitynow-0.0.12/out/extension.js:549:10190)

Expected:
take a yyyy-MM-dd formatted date, off of a source (BambooHR), convert it to ISO8601, add 3 months to it
(yes, its a bit ridiculous but it fits a very specific need of ours

it actually looks like most of my date compares that have a input/output format are the ones erroring out in evaluation.

yannick_beot · July 18, 2022, 1:54pm

Hi @ali_sadjadi
I have conducted some test and when you are giving a wrong tenant name, a wrong client id or client secret, I still get an error popup.
Can you test again and open the dev tools ( menu Help> Toggle Developer Tools) and share the logs?