Hi all.
We are scheduling saved search to send out report but we are having issues to include certain columns to be included in the report generated. The report to be sent is expected to include a list of identities with newly created AD accounts along with certain identity attributes and the AD entitlements (memberOf).
The following code is an example:
"indices": [
"identities"
],
"query": "@accounts(created:[now-24h TO now] AND source.name:\"AD-SOURCE\")",
"columns": {
"identity": [
{
"field": "attributes.uid",
"header": "ID"
},
{
"field": "attributes.fullName",
"header": "Full Name"
}
]
}
In the POST /v3/search API, we noticed it return the “entitlementAttributes” in the accounts list object for each identity. However, in the POST /v3/saved-searches API, we want to include the entitlements as well using the “columns” attribute to be included in the report sent but were not able to find out the ways.
As an alternative, we also thought of creating identity attribute to read from the memberOf attribute, however it seems that identity attribute does not support multivalued attribute and thus only reading the first AD Group in the attribute, and ignore the rest. I think that for this way to work, it will be to find out a way to concat all AD Groups and make it as a static string.
Appreciate any input on this matter. Thanks!