Update one Identity attribute via API

vic_rinkenberger · October 23, 2023, 8:52pm

I am trying to update one Identity attribute via the IIQ API. I’m using this endpoint:

{{baseUrl}}/Users/:userId?attributes=&excludedAttributes=*&lookupByName=true

And I’m using this body:

{
  "userName": "User.Name",
  "urn:ietf:params:scim:schemas:sailpoint:1.0:User": {
    "attributeName": "Test"
  }
}

The Identity attribute is updated as expected, but all of the other Identity attributes on the Identity are completely wiped out.

What am I missing?

Thanks,
Vic

venus · October 23, 2023, 10:01pm

Wondering if the end point is expecting all the existing attributes, along with the new changes.

dheerajk27 · October 24, 2023, 3:04am

Hi @vic_rinkenberger ,

Are you trying to modify identity attribute in target application as based on behaviour your target application api is expecting every attribute value along with changes attribute value.

Please check with application team and modify you api request envelop before sending the request using before rule.

vic_rinkenberger · October 24, 2023, 3:22pm

I’m just trying to modify one Identity attribute directly on the Identity. It seems like it is expecting that I also supply ALL OTHER Identity attributes, or else it will wipe them out.

Vic

MVKR7T · October 24, 2023, 8:47pm

Hi @vic_rinkenberger

The operation is PUT, not PATCH operation.

I have replicate your use case. I just updated display name and it is updated but it wiped out first name, last name and email attributes. However manager attribute is not wiped out.

Remold · October 24, 2023, 9:17pm

It looks like you need to do a GET first to get all the attributes and than perform the PUT with all attributes including the ones not changed and excluding the read-only attributes.

There is not a lot of documentation on the IIQ SCIM API

– Remold

vic_rinkenberger · October 24, 2023, 9:20pm

Ah, that makes sense. So, is there no way to simply update one Identity attribute from the API?

Thanks,

Vic

MVKR7T · October 25, 2023, 7:58am

Yes, it seems to be. We don’t have much documentation on IIQ API.

Remold · October 25, 2023, 8:25am

There might be a way to create a new Workflow (to update a particular attribute) and call that custom Workflow via the API.
But I would only go that route if it is focussed on 1 particular attribute/use-case on a regular basis (Like enable/disable based on an external event or alike).

– Remold

vic_rinkenberger · October 25, 2023, 2:06pm

OK, thanks for everyone’s responses!

MVKR7T · October 25, 2023, 2:20pm

If it is not something custom solution, I would suggest you to use batch requests to update identity data for bulk users. In my experience, we didn’t use any API in IIQ, we used OOTB solutions and custom solutions inside IIQ.

system · December 24, 2023, 2:21pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
IIQ REST API information for 8.1 IIQ Discussion and Questions	10	8033	July 19, 2023
SCIM API for new identities creation IIQ Discussion and Questions	2	971	July 19, 2023
SCIM API : Is there a way to force reset password while creating Identities IIQ Discussion and Questions	9	3279	July 19, 2023
Make identity attribute searchable via SCIM API Call IIQ Discussion and Questions apis , scim-connector , identityiq	1	557	July 19, 2023
IdentityNow - Update Account API ISC Discussion and Questions	12	3563	July 19, 2023

Update one Identity attribute via API

Related Topics