V3 API - Search Accounts

Identity Security Cloud (ISC) ISC Discussion and Questions
1

Hi everyone,
We are currently building some external KPI dashboards for our Identities + accounts and we are trying to leverage V3 Search API to do so.

One of the limit we are facing is when we want to get the list of accounts available in our IDN tenant. As part of the documentation, this should be possible using Search with indices “accounts”, but we get an empty result if we do so.

Could you please confirm the best way to do it ?

I’m not comfortable using the V3 Accounts API as it requires ORG_ADMIN access which seems high admin level for a simple KPI dashboard.

Thanks for your help / ideas.

Thibault

2

Hello @thibault_dlm
Welcome to the community!
It depends on what you are trying to achieve.
I imagine that for a KPI dashboard, aggregations (cf. search-aggregate | SailPoint Developer Community) may be a good fit to collect data

3

Hi Yannick,

Thanks for your prompt feedback.

Actually what I would like is
→ To get all my identities in a query
→ To get all my accounts (correlated or not) from all my sources in another query
→ Correlate those results directly in my Dashboard tool, based on NativeIdentity ID

For the identities part, it’s already working with the V3/Search endpoint

{
    "queryType": "SAILPOINT",
    "indices": [
        "identities"
    ],
    "query": {
        "query": "*"
    },
    "queryResultFilter": {
        "includes": [
            "id",
            "name",
            "employeeNumber",
            "displayName",
            "status",
            "inactive",
            "identityProfile.name",
            "attributes.uid",
            "attributes.country",
            "attributes.company"
        ]
    }
}

For the Account query, I would like something similar but I don’t have the solution yet. For now I’ve found a workaround to add some queryFilters in my first query (accounts.source.name, accounts.disabled…) but it’s not straightforward and it doesn’t get the uncorrelated accounts.

Could the searchAggregate API be used to fulfill our requirement ?

Thibault

4

In the search query, you can use the parameter "includeNested": true to get all accounts of an identity, like:

{
    "queryType": "SAILPOINT",
    "indices": [
        "identities"
    ],
    "query": {
        "query": "*"
    },
    "includeNested": true,
    "queryResultFilter": {
        "includes": [
            "id",
            "name",
            "employeeNumber",
            "displayName",
            "status",
            "inactive",
            "identityProfile.name",
            "attributes.uid",
            "attributes.country",
            "attributes.company"
        ]
    }
}

You will not be able to get uncorrelated account from search, at least for now.

5

@thibault_dlm Check out this previous discussion: Get Users With More Than One Account in the Same Source. It might help you with a solution.