Hello all. I hope you are all well.
My team and I are going through an issue regarding entitlement aggregation for a Web Services connector that will allow us to add IdentityNow permissions as entitlements. However, in our installation, testing, and aggregations, we are facing an error.
Exception during aggregation of CERT_ADMIN. Reason: javax.persistence.PersistenceException: org.hibernate.exception.ConstraintViolationException: could not execute statement
Somewhere down the line, we found that we had three new entitlements added, and they have the capabilities attribute name. The capabilities attribute is used for the identities in the source to determine who has what permissions. So far, the only entitlement given to 11 users in the source is ORG_ADMIN.
We looked over the entitlement aggregation settings for the source and we are still using the http query suggested to us through API calls. It’s a group aggregation POST API /v3/search?offset=0&limit=50&count=true with content-type as application/json-patch+json
{
"query": {
"query": "source.name.exact:IdentityNow AND attribute:assignedGroups"
},
"indices": [
"entitlements"
],
"sort": [
"name"
],
"includeNested": false
}
Is there a way we can get rid of these problem entitlements in the source? We tried to upload a new list of entitlements in the source’s entitlements tab, but it couldn’t be removed.