Scheduled IIQ Workflows execution with PowerShell

Problem Statement: Sometimes there might be a need to -
a) extend existing PS Scripts to leverage and pass several inputs to SailPoint IIQ WFs/receive response and (if required) run it periodically.
b) Call a SailPoint IIQ WF through PS Script and run it periodically.
c) Test the IIQ WF using PowerShell in the absence of tools like Postman.

Solution -

The following steps can be used in this scenario -

  1. Using an admin account in IIQ , create an API client using Global Settings → API Authentication. E.g. -

  1. Create a PowerShell script to initiate launching IIQ WF using IIQ APIs. Refer Below -
#replace your clientID and secret
$clientID = 'xxxxxxxxxxxxxxxxxxx'
$secret = 'xxxxxxxxxxxxxxxxxx'
$credential = "Basic " + [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes($clientID + ":" + $secret))

$splat = @{
Method = 'POST'
#replace hostname and port
uri = 'https://<iiq hostname or VIP>:<port>/identityiq/oauth2/token'
ContentType = 'application/x-www-form-urlencoded'
Body = 'grant_type=client_credentials'
Headers = @{Authorization = $credential}
UseBasicParsing = $true

$result = Invoke-WebRequest @splat
$resultJSON = ConvertFrom-Json $result.Content
$tokenBearer = $resultJSON.token_type
$token = $resultJSON.access_token
$headers = @{ Authorization = "Bearer $token"}

$jsonBase1 = @{}
$list = New-Object System.Collections.ArrayList
$list = "urn:ietf:params:scim:schemas:sailpoint:1.0:LaunchedWorkflow","urn:ietf:params:scim:schemas:sailpoint:1.0:TaskResult"
$jsonBase1.Add("schemas", $list)

#Inputs to be passed. Replace the inputs with the inputs your WF expects
$requestNo = @{"key"="requestNo";"value"="123456"}
$requestDescription = @{"key"="requestDescription";"value"="Test Demo"}
$sunsetTime = @{"key"="sunsetTime";"value"="24"}
$workstation = @{"key"="workstation";"value"="XYZ123"}
$sAMAccountName = @{"key"="sAMAccountName";"value"="pathaka"}

$list2 = New-Object System.Collections.ArrayList
$list2 = $requestNo, $requestDescription, $sunsetTime, $workstation, $sAMAccountName
#replace the WorkflowName with the name of your workflow
$launchWorkflow = @{"workflowName"="test_Aditya";"input"=$list2}

$jsonBase1.Add("urn:ietf:params:scim:schemas:sailpoint:1.0:LaunchedWorkflow", $launchWorkflow)
$jsonPayLoad = $jsonBase1 | ConvertTo-Json -Depth 10

$result2 = ''
#replace hostname and port
$uri2 = "https://<iiq hostname or VIP>:<port>/identityiq/scim/v2/LaunchedWorkflows"
$result2 = Invoke-RestMethod -Headers $headers -Uri $uri2 -Body $jsonPayLoad -Method Post
  1. If required use schtasks create to create a scheduled task on Windows server to periodically run this powershell script -
    schtasks create | Microsoft Learn