What use case are you trying to achieve / why are you trying to get the Access Profile information on the identity profile? It’s not a common use case. Depending on what you’re trying to do with the identity attribute you’re creating, there may be a different way to achieve your end goal.
I`m integrating two companies that has ISC, basically both ISC is a authoritative source.
We tried to use the ISC connector developed by Sailpoint but the filtering is just bad. So we`ve created a WebServices Connector that reads a governance group and aggregate the identities.
In tenant 1 a user request a governance group that says the user should have access in the tenant 2. Tenant 2 aggregate tenant 1 and create the Identities.
But we are planning to change that, the idea is to do the aggregation based on Identity Attribute.
Try this, instead of using $identity.getAssignedRoles() try using $identity.getLinks() from there you can use getApplication() or getEntitlements() to identify if the user has the access that you are looking for.
Hum…while thinking about the use case / scenario, it looks like ISC itself doesn’t have a SCIM interface for it to be seen as a SCIM managed system?
@coelhoya2 If you’re using ISC’s API, I think using a Search would be the way to go because using velocity in transforms isn’t recommended for the difficulty of maintenance.
I would recommend using multiple aggregation APIs, first being a search like @access(type:"ACCESS_PROFILE" AND name.exact:"YOUR_AP_NAME_HERE") and in the attributes you can add ID, username, email … Then, call a second API to get identity by ID or filter based on the specific attribute returned by the Search.