Search query within a workflow to get unique manager id values

I have this query for the search API:

{
  "indices": ["identities"],
  "queryType": "SAILPOINT",
  "queryVersion": "5.2",
  "query": {
    "query": "access.displayName:\"AD Admin BR\""
  },
  "aggregationType": "DSL",
  "aggregationsVersion": "5.2",
  "aggregations": {
    "bucket": {
      "name": "Unique Managers",
      "type": "TERMS",
      "field": "manager.id",
      "size": 1000,
      "minDocCount": 1
    }
  },
  "queryResultFilter": {
    "includes": [
      "manager.displayName",
      "manager.id"
    ]
  }
}

This results in 10 times manager X and 2 times manager Y. Here is one example; there are 12 results like this one in the response.

 {
        "manager": {
            "displayName": "X",
            "id": "1974f1a8f6f445f5931840565a800a2d"
        },
        "_type": "identity",
        "type": "identity",
        "_version": "v2"
    },

But I need to get the unique manager id from X, and the unique manager id from Y.

So how can I accomplish that in a workflow? Because in the query on the Search API it’s impossible.

So I want to continue with the unique manager id information. Like I want to start a loop 2 times, for manager id X and manager id Y.

Hi Dennis,
I am not sure if I fully understood your requirement, but
you can try to use the HTTP request to invoke the Search API from the workflow.

That’s not what I mean.

I want to use the results of that API. But I only want the unique manager IDs. But it returns 10 times ID 12345 and 2 times 56789. Which is normal because of the query used. But I need the unique values.

@zeross When you use the Search API in SailPoint ISC, it gives you the full list of results, including duplicates. It doesn’t have a built-in way to filter out just the unique manager IDs. That means if manager X shows up 10 times and manager Y shows up twice, you’ll get all 12 entries at all times.

To get only the unique manager IDs, you’d need to grab the full API response and process it somewhere else like in an AWS Lambda function or another external service. You could write a small script there to extract just the distinct manager IDs and then pass that cleaned-up list back into your workflow.

As far as I know, SailPoint workflows don’t have a native way to do this kind of de-duplication. So yeah, you can’t loop over just the unique manager IDs directly from the API response as you’ll need to handle that logic outside first.

You could try adding isManager:true to your search.

@access(displayName:"Active Directory") AND isManager:true

This seems to only pull back identities that have direct reports.

I found the search/aggregate endpoint

{
  "aggregationsDsl": {
    "unique_manager_ids": {
      "terms": {
        "field": "manager.id",
        "min_doc_count": 1,
        "size": 1000
      }
    }
  },
  "indices": [
    "identities"
  ],
  "query": {
    "query": "access.displayName:\"AD Admin BR\""
  },
  "queryResultFilter": {
    "includes": [
      "id",
      "displayName",
      "manager.id",
      "manager.displayName"
    ]
  },
  "queryType": "SAILPOINT",
  "queryVersion": "5.2"
}

With this body you also get this in the result:

{
  "aggregations": {
    "unique_manager_ids": {
      "doc_count_error_upper_bound": 0,
      "sum_other_doc_count": 0,
      "buckets": [
        {
          "key": "1974f1a8f6f445f5931840565a800a2d",
          "doc_count": 11
        },
        {
          "key": "076f2c29e9834192800a341089958685",
          "doc_count": 1
        }
      ]
    }
  },

So every bucket is the unique manager.id

@zeross Just out of curiosity, could you please elaborate on your specific use case for utilizing the unique SailPoint GUIDs of manager identities? What is the intended requirement or action once these manager GUIDs are obtained?

Haven’t tested with your use case, but you could try adjusting the search query to: access.displayName.exact:

I was searching for identities with a certain BR. And I want to create a campaign for that BR with his manager as reviewer.

So the end result must be:
Campaign for manager X, in which he has to certify the BR for identity 1,2,3,4,5
Campaign for manager Y, in which he has to certify the BR for identity 6,9,1

Is that a little bit clear? It’s difficult for me to explain in English.
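An added example, not part of any post in this thread and not SailPoint code: a Python sketch of the external post-processing step discussed above. It turns the search hits and the `unique_manager_ids` buckets into one reviewer entry per manager, and surfaces identities that have no manager and would otherwise get no reviewer. The function names and the sample identity ids are assumptions made for illustration; the two manager ids are the ones quoted in the thread.

```python
import json
from collections import defaultdict

MGR_X = "1974f1a8f6f445f5931840565a800a2d"  # manager ids quoted in the thread
MGR_Y = "076f2c29e9834192800a341089958685"

# Constructed sample: hits shaped like the thread's search response (identity
# ids are made up), plus the aggregations block for the same set of hits.
SAMPLE_HITS = [
    {"id": "id-1", "manager": {"id": MGR_X, "displayName": "X"}},
    {"id": "id-2", "manager": {"id": MGR_X, "displayName": "X"}},
    {"id": "id-6", "manager": {"id": MGR_Y, "displayName": "Y"}},
    {"id": "id-7", "manager": None},  # identity that holds the access but has no manager
]
SAMPLE_AGGS = {"aggregations": {"unique_manager_ids": {"buckets": [
    {"key": MGR_X, "doc_count": 2}, {"key": MGR_Y, "doc_count": 1}]}}}


def unique_manager_ids(agg_response, name="unique_manager_ids"):
    """Return the bucket keys of a terms aggregation: one key per manager id."""
    buckets = agg_response.get("aggregations", {}).get(name, {}).get("buckets", [])
    return [b["key"] for b in buckets]


def group_by_manager(hits):
    """Map manager id -> sorted identity ids; also list hits without a manager."""
    groups, unmanaged = defaultdict(set), set()
    for hit in hits:
        manager_id = (hit.get("manager") or {}).get("id")
        if manager_id:
            groups[manager_id].add(hit["id"])
        else:
            unmanaged.add(hit["id"])
    return {m: sorted(ids) for m, ids in groups.items()}, sorted(unmanaged)


def campaign_plan(hits, agg_response):
    """One entry per reviewer; refuse to continue if hits and buckets disagree."""
    groups, unmanaged = group_by_manager(hits)
    if set(groups) != set(unique_manager_ids(agg_response)):
        raise ValueError("hits and aggregation buckets list different managers")
    plan = [{"reviewer": m, "identities": ids} for m, ids in sorted(groups.items())]
    return plan, unmanaged


if __name__ == "__main__":
    print(json.dumps(campaign_plan(SAMPLE_HITS, SAMPLE_AGGS), indent=2))
```

Identities returned in the second list have the access but no manager, so they need a fallback reviewer before any campaign is created.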

It will make it cleaner I guess, will check later if that also worked.