The account aggregation fails with the following error message:
Resolution: GET Permissions for the attribute “User-based Security groups”. This corresponds to the element “USER_BASED_SECURITY_GROUPS” on the default account schema.
Can you add troubleshooting steps here for validating the User Based Security Groups are configured correctly? Currently we are seeing the Descriptor and Comment fields in the metadata for the entitlements, but the ID is still being used for the name, and the Description is blank. Based on the Documentation, we should only get the Descriptor and Comment fields if OAuth 2.0 is configured, so based on the fact we see them, they should be (We also verified with the Workday Team that they were configured per the Document) However, there seems to be some steps missing in the documentation to get them to show properly.
Hi Geoff! Thank you for your input. We’ve created a Jira issue to track the effort and we’ll update the comment thread when it’s been addressed: CONDOCS-4067
Hi Geoff, could you please provide a more detailed description of the issue, as the current comment lacks clarity? This will help ensure that we capture all critical information for our documentation.
We had set up OAuth2 to connect with Workday to be able to pull the Descriptor and Comment fields in, per the comment on this page: Group Attributes
Those fields should map to the name and description for the Entitlement, but we were only able to see them in the Metadata for the Entitlement, they did not get mapped. We had to manually update the mapping to get them to show correctly in Sailpoint. This is our final configuration for it:
is it possible to include a step by step guide for adding the calculated field in Workday?
even the screenshot provided in the article is low resolution and I can’t see it