Update account attribute upon termination

jasmedina · August 2, 2024, 3:52pm

Hi All,

For context, the application we are configuring does not have an API Endpoint to Disable the account so as a workaround, I used the Update API which uses the PUT method. So if the attribute p_activate turns to false, the account will be disabled.

This is the body of the Disable Account HTTP Operation. HTTP Method is PUT

{
    "atom":{
        "p_activate":false
     }
}

All of this is working in Postman. But in IDN, when I tried to disable the user’s account, the account gets disabled but the attribute is not getting updated so when I run the aggregation again, it gets re-enabled because the p_activate attribute is still true.

uday_kilambiCTS · August 2, 2024, 4:42pm

Hi @jasmedina ,

Can you confirm the following:

Have you configured the attribute “Account Enable Status Attribute” such that connector knows when to mark the account to disable after aggregation?
The description didn’t provide how you passed nativeIdentity details, have you verified by printing the requestEndPoint in the logs to see if the fullURL of the API and request body are similar to Postman execution?

Regards,
Uday Kilambi

shekhardas1825 · August 2, 2024, 4:43pm

@jasmedina Not sure you have tried this or not.

Configure PATCH instead of PUT in IDN, Keep the same body.

Add Content-Type = application/json-patch+json in header.

If this does not work, revert your changes to PUT only and deploy below rule and attach it to disable operation:

BeforeOperation Rule:

log.info("Starting Sample_BeforeOperation_Rule");
log.info("-------------------Printing requestEndPoint-----------------------------" + requestEndPoint);
log.info("End of Sample_BeforeOperation_Rule");

AfterOperation Rule:

log.info("Starting Sample_AfterOperation_Rule");
log.info("-------------------Printing requestEndPoint-----------------------------" + requestEndPoint);
log.info("-------------------Printing rawResponseObject-----------------------------" + rawResponseObject);
log.info("-------------------Printing processedResponseObject-----------------------------" + processedResponseObject);
log.info("End of Sample_AfterOperation_Rule");

Validate these in CCG logs.

Regards,
Shekhar Das

Arun-Kumar · August 4, 2024, 3:59am

Hi,
Set the Account Enable Status Attribute to p_activate=true and run the account aggregation. The status of all accounts with attribute ‘p_activate’ and value ‘true’ will be ‘Enabled’.

Regards,
Arun

system · October 3, 2024, 4:00am

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Disable account-> Need to define account status attribute ISC Discussion and Questions aggregation , identity-security-cloud , provisioning	5	541	February 17, 2024
Disabling Accounts in IDN: Response Mapping and Attribute Updates Using Web Services Connector ISC Discussion and Questions webservice-connector , apis	7	162	August 19, 2024
Web Services Connector \| \| Account Enable Status Attribute ISC Discussion and Questions	11	3986	July 19, 2023
Update AD attribute upon termination ISC Discussion and Questions transforms , identity-security-cloud	5	66	October 14, 2024
Webservice connector account is not set to disable in accounts tab ISC Discussion and Questions webservice-connector , identity-security-cloud , provisioning	4	311	February 26, 2024

Update account attribute upon termination

Related topics