If addRemoveEntInSingleReq is set to true, then the placeholder value for the attribute marked as an entitlement is passed as an array and is executed in a single request.
How are you sending the requests that you would expect to be together? Is it an access request / certification / role provisioning? I found depending on the request type, SailPoint treats sending requests separately vs together differently.
If those are entitlement based requests, then that would explain it. Try putting the entitlements you want in an access profile, then requesting it. You should see them grouped together.
This only works for Roles and Access Profiles. If you go to the Request Center and select multiple entitlements to request, it will not unify the request.
I have followed the configuration for addRemoveEntInSingleReq=true, but I am encountering a 422 Validation Error during the Create operation when requesting access via the Request Center.
The error message indicates that the roles attribute is not being sent as a valid list:
Provisioning error:
Exception occurred while performing ‘Create’ operation on identity ‘null’: Url: https://baseurl/stage/account/v2/users, Message: 422 : {“error”:{“message”:“validation errors”,“resource”:“/account/v2/users”,“detail”:[{“loc”:[“body”,“roles”],“msg”:“value is not a valid list”,“type”:“type_error.list”}],“body”:{“firstName”:“TEST 2”,“lastName”:“TEST 3”,“roles”:“[\”[\\\\\“ROLE_CMRC_READ_CART\\\\\”,\\\\\“ROLE_CMRC_READ_PAYMENT_METHOD\\\\\”,\\\\\“ROLE_CMRC_READ_QUOTE\\\\\”,\\\\\“ROLE_CMRC_SEARCH_BILLING_ACCOUNT\\\\\”,\\\\\“ROLE_VIEW_ACCOUNT\\\\\”]\“]”,“email”:"TEST2.TEST3@test.com"}}}, HTTP Error Code: 422
Looking at the request body in the error, it seems the roles are being “double-stringified” and escaped:
Has anyone encountered this where SailPoint wraps the Entitlement list in extra quotes/escaped characters instead of sending a raw JSON array? How can I ensure the roles are sent as a clean array like ["Role1", "Role2"]?