Web servcies connector issue

Soundary · April 9, 2026, 4:58pm

Hi All,

I have built a Web Services connection from OpsRamp to SailPoint.
The following HTTP operations are working as expected:

Account Aggregation
Group Aggregation
Create Account

However, the Add Entitlement operation is failing.

The issue I’m facing is with the Context URL.
For example, when I hard‑code a specific group like below, the operation works:

/Groups/USR-ddce5552-de12-491d-a884-80********

But I’m not sure how to dynamically construct the Context URL so that SailPoint can correctly resolve the group ID at runtime. Specifically, I’m unclear on what value should be provided in place of the id in /Groups/{id} for the connector to fetch the correct group ID.

Below is the request body I’m using for the Add Entitlement operation:

{
  "schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
  "Operations": [
    {
      "op": "add",
      "path": "members",
      "value": [
        {
          "value": "$plan.nativeIdentity$"
        }
      ]
    }
  ]
}

Could someone please help clarify how to correctly frame the Context URL for the Add Entitlement operation and what should be used in place of the group ID so it resolves dynamically?

Thanks in advance for your help!

trettkowski · April 9, 2026, 5:44pm

Hi @Soundary

Try this in your context URL: /Groups/$plan.ENTITLEMENTNAME$

You’ll just need to update the ENTITLEMENTNAME part with the attribute name of your entitlement.

Let me know if this works for you!

mshivraj10 · April 9, 2026, 7:48pm

It seems, this is SCIM API. if you are using WebService Connector, then should use Attribute name that you have defined as Entitlement ID in Entitlement Type Schema.

/Groups/$plan.{entitlement ID attribute name}$

Replace {entitlement ID attribute name} with your Attribute name.

jrossicare · April 10, 2026, 12:24am

You can also set the URL in the Before Operation rule.

requestEndPoint.setFullUrl(myUrl);

return requestEndPoint;

BhanuK1 · April 10, 2026, 12:14pm

Hi @Soundary ,
In the account schema, you should have defined an attribute to store entitlements and marked it as entitlement and multi-valued. Make sure to note this attribute name.

When configuring the Add Entitlement operation, use:
/Groups/$plan.entitlement_attribute_name$

Ensure that the attribute name used here exactly matches the one defined in the account schema.

Note: You cannot perform the Add Entitlement operation unless an entitlement attribute is defined in the account schema to store the entitlements associated with the user.

vguleria · April 10, 2026, 12:42pm

Hi @Soundary

It will depend on your account schema. What is the name of the attribute where you store the information about groups assigned to the user.

For example in my case, I am storing the information on “groups”. So then I my context URL becomes like below

Try using this approach and it should work. I hope the identity id is being passed properly.

Thank You.
Regards

Vikas.

Topic		Replies	Views
How to pass group id in the context url ISC Discussion and Questions webservice-connector , apis , identity-security-cloud , provisioning , access-requests	5	173	January 6, 2025
WebService Add Entitlement ISC Discussion and Questions identity-security-cloud	2	72	October 25, 2025
Web Services Connector - Unable to Pass Entitlement Value in Account Creation HTTP Operation ISC Discussion and Questions webservice-connector , identity-security-cloud	31	345	August 15, 2025
How to create entitlement manually in webservice connector? ISC Discussion and Questions webservice-connector , identity-security-cloud , entitlements	9	841	May 21, 2024
WebService Add Entitlement ISC Discussion and Questions identity-security-cloud , provisioning	4	76	January 23, 2026

Web servcies connector issue

Hi All,

Related topics