The Web services connector create account

IdentityIQ (IIQ) IIQ Discussion and Questions
, ,
21

Hello @Arpitha1 ,

image
image1873×1224 93.4 KB

I have received the requirement to create accounts in the end application using SailPoint. There is no role or group management involved in the end application.

The task is to retrieve direct employee details from Active Directory (AD) into SailPoint and then create the accounts in the end application.

Retrieve the data for direct employee is done. since the sailpoint is integrated with AD.

Thanks
Md Riyazuddin

22

Hi @RiyazuddinM If your requirement is to just perform aggregation and create account, then you can change the Identity Attribute from ‘Employee ID’ to ‘Username’.

Also add the field in create provisioning form with Username and pass the identity email.

23

Hi @Arpitha1 ,

I changed the identity attribute to username and try to create an account, lucky now account was getting created in the end appllication, but I am still getting the native identity warm

image
image2206×396 28.6 KB

image
image2218×1254 85.4 KB

also, in the access request its showing as the requested got failed.

image
image2121×1092 135 KB

also, in the identity cube I am seeing two application.
why is this showing in this way.

can you please guide me.

Thanks,
Md Riyazuddin

24

@RiyazuddinM

Can you send,

  1. Application xml or ProvisioningForm entry
  2. Debug → IdentityRequest → export the content of 4044. You may need to append some zeros like (000004044) . Basically I need to see what’s your plan
25

Hello @Arpitha1

Application Xml
Availo.xml (17.6 KB)

Identity request
IdentityRequest4044.xml (29.8 KB)

Thanks for your support

Thanks
Md Riyazuddin

26

@RiyazuddinM i believe it is type which you have for idenity Attribute, which is correct or not please revalidate
you have mapping like

While passing in json you are using
"UserName" : "$plan.userName$"
In provisioning policy

In idenitty Attribute
identityAttribute=“Username”

So somewhere your mapping is not correct , but the correct mapping and for safer side while you are sending create request that time also put the mapping like you have account aggreatuo for single user. This issue will be resolve once you add resource mapping for create and correct the mapping.

27

Hi @RiyazuddinM

I can see userName is plan. Hence your API is executed successfully and account might have created in target.

The issue is in identifying nativeIdentity. Can you change userName field as Username in create provision policy. Basically is should look as below.

image
image1290×109 7.12 KB

And then update the Body in Create Account operation.

$plan.nativeIdentity$

28

Hi @Arpitha1 ,

I have updated the provisioning and the body

image
image1569×619 39.8 KB

image
image1752×771 38.5 KB

and try to test the create account from SailPoint it giving me an error/warm of native identity.
the account is getting created in the target application

image
image2177×918 90.4 KB

also below is before account aggregation.

image
image2211×957 128 KB

after account aggregation

image
image2171×929 128 KB
n

I have added the detect delete accounts

image
image2022×1119 102 KB

Thanks
Md Riyazuddin

29

Hi @RiyazuddinM update the body of userName attribute with below value. I modified it in previous comment too
image

1 Like
30

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.