Web Service Accounts Filter in aggregation

Identity Security Cloud (ISC) ISC Discussion and Questions
, , ,
1

Hello Experts,

We have web service connector which is working great, however when I try to put filter in context url to pull certain users based on payroll group it still pulls all users. I went through all the related posts I found this doc https://community.sailpoint.com/t5/Identity-Security-Cloud-Wiki/IdentityNow-Account-Filtering-during-Account-Aggregation/ta-p/142873#:\~:text=Accounts%20which%20match%20the%20filter%20string%20will%20be%20filtered.%20Accounts%20which%20do%20not%20match,%20will%20be%20sent%20to%20IdentityNow%20as%20normal
Could someone help me understand if this would apply in this scenario?

Thanks,

Shubham

2

Hi @Shubhams_009

As far as I know, the filter string option is not available for the web services connector type or it’s at least not available in the UI.

You should be able to filter it using the context URL assuming the API has that option. Have you tested the filter via the API in postman? If it’s an API limitation, then you will have to do the filtering either using the filterString option or filtering in an after operations rule by removing the users from the processedResponseObject.

3

Hi Shubham,

I think document you linked doesn’t apply to filtering via context url, its apply ISC side account exclusion.

To achieve your requirement if your api supports Payrollgroup based filter you can use that if not try to use webservice after operation rule

here is sample code modify according to your schema-

import java.util.*;

log.info(“After Aggregation Rule starting - payrollgroup only”);

if (processedResponseObject == null) {

Map emptyReturn = new HashMap();

emptyReturn.put(“data”, new ArrayList());

return emptyReturn;

}

String allowedPayrollGroup = “ABC”; // ← replace with the payroll group

List kept = new ArrayList();

int droppedPayroll = 0, droppedMissing = 0;

for (Iterator itRows = ((List) processedResponseObject).iterator(); itRows.hasNext():wink: {

Object obj = itRows.next();

if (!(obj instanceof Map)) { droppedMissing++; continue; }

Map m = (Map) obj;

Object pgObj = m.get(“payrollgroup”);

String pg = (pgObj == null) ? null : String.valueOf(pgObj).trim();

if (pg == null || pg.length() == 0 || !pg.equalsIgnoreCase(allowedPayrollGroup)) {

droppedPayroll++;

continue;

}

kept.add(m);

}

log.info(“After Aggregation payrollgroup-only: input=” + ((List) processedResponseObject).size()

  • “, kept=” + kept.size()

  • “, droppedMissing=” + droppedMissing

  • “, droppedPayroll=” + droppedPayroll);

Map returnMap = new HashMap();

returnMap.put(“data”, kept);

return returnMap;

Thanks

Mahesh

4

Thank you Tyler! In our case filter string option worked for us.