User Creation in the NERM

vikasjain99999 · January 23, 2025, 6:12am

We want to store the user’s mobile number in the NERM under User object, but I couldn’t find any attribute in that we can update this information. I am trying to create / update the user through User RestAPI. Please guide me on how we can achieve this?

Additionally, in the User API JSON body, we can include the “profile_id” attribute. However, when retrieving user information via the API, the profile_id is not returned. Please guide me the purpose of this attribute in the user object and how we can retrieve its information?

ZackTarantino-Woolson · January 23, 2025, 2:39pm

At this time, NERM does not support holding a Phone Number on the User object (Lifecyle System Users / Collaboration Portal Users). Primary data that can be set would be Name, Email, Title, Login, and the Group Strings for linking to User Roles. You could repurpose the “Title” text field to be filled with a phone number if you are not currently using that, but we are unable to re-label the field.

Profile ID is used as a way to link Collaboration Portal Users (NeaccessUser in the API) to a Lifecycle Profile. All Portal Users must have an associated Profile when they are created. Generally it is used to hold additional information about the User and to manage the lifecycle of the User (Update information, Terminate them, etc). Profiles can only be linked to Portal Users, not Lifecycle users.

At this time, we do not return the profile_id in the response JSON - but that would be useful to have. I created an Idea here to track that and get it in front of our Product Managers : Users API endpoint should return the profile | SailPoint Ideas Portal

vikasjain99999 · January 23, 2025, 6:44pm

The API documentation provides the following example of a JSON body for creating Lifecycle System Users, which includes a reference to the “profile_id” attribute. For testing purposes, I included the profile_id of a specific profile when creating a System User via the REST API. However, I am unable to see any impact of this profile_id on the System User object, and after the user is created, there is no way to validate which profile_id is linked to the user.

URL: {{baseUrl}}/user
Method: Post
{
  "user": {
    "name": "Bob",
    "email": "[email protected]",
    "type": "NeprofileUser",
    "profile_id": "db6f8e8b-65c2-47d5-a0db-90bcc4e9df9e",
    "title": "my_user_title",
    "status": "Active",
    "login": "my_user",
    "group_strings": "Administrator_group,Developer_group",
    "locale": "fr-CA",
    "password": "U*bF7hy9fW"
  }
}

ZackTarantino-Woolson · January 23, 2025, 7:21pm

This appears to be a side effect of having our Lifecyle and Collaboration data on the same API documentation… We could probably make that bit clearer…

While the API might accept that request, to set a profile_id on a Lifecycle user (NeprofileUser), there would be no effect in the app - as you have noted. As previously mentioned, Profiles can only be linked to Collaboration Portal Users, not Lifecycle users.

system · March 24, 2025, 7:21pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.