MBaraka
July 31, 2025, 10:34am
1
Hey everyone.
Endpoint to get All Users
Endpoint to get All Roles
Endpoint to get 1 user’s roles based on the user’s id that has been passed in the URL.
So, I made 2 account aggregation methods:
Parent one to get all users.
Another account aggregation one to get the user’s roles.
Now the Issue is that I am getting only 1 role id or nothing but in fact the user should has at least 1 role. And I believe that the issue will be in the root path or the response mapping.
Here is sample of the output of getting from the user’s roles based on the user’s id in postman.
[
{
"id": "658ee00b-a955-4a3f-81ae-4f370cdf5377",
"name": "default-roles-demo-realm",
"description": "${role_default-roles}",
"composite": true,
"clientRole": false,
"containerId": "e4b5a5e0-768f-4bae-b434-908cb0f2e273"
},
{
"id": "607e6e01-f46d-4b08-8e61-2449d0cfa794",
"name": "Cell-Info-Role",
"composite": false,
"clientRole": false,
"containerId": "e4b5a5e0-768f-4bae-b434-908cb0f2e273"
}
]
Response configuration:
Mostafa Baraka:
[
{
"id": "658ee00b-a955-4a3f-81ae-4f370cdf5377",
"name": "default-roles-demo-realm",
"description": "${role_default-roles}",
"composite": true,
"clientRole": false,
"containerId": "e4b5a5e0-768f-4bae-b434-908cb0f2e273"
},
{
"id": "607e6e01-f46d-4b08-8e61-2449d0cfa794",
"name": "Cell-Info-Role",
"composite": false,
"clientRole": false,
"containerId": "e4b5a5e0-768f-4bae-b434-908cb0f2e273"
}
]
Hello @MBaraka
Could you please try root path as $[*] – this would ensure to iterate over each object in the response array
MBaraka
July 31, 2025, 2:22pm
3
Hi @jainanimesh
Just tried it and unfortunately, only few users got 1 role and the others didn’t any role.
Hello @MBaraka
Could you please check the attribute type in schema? It should be marked as multivalued.
MBaraka
July 31, 2025, 3:23pm
5
Here is the attribute from the schema
Arpitha1
August 1, 2025, 4:13am
6
Hi @Mostafa_Baraka
Try not keeping anything in root path and update attribute path as $[*].id
tharshith
August 1, 2025, 6:34am
7
Hi @MBaraka
The issue is with rootpath and attribute path. Please configure in below mentioned way.$[*] $[*].id
MBaraka
August 1, 2025, 12:30pm
8
Hi @Arpitha1 & @tharshith
Just tried both the solutions but unfortunately the issue still exists.
use Root path = $[*]
MBaraka
August 1, 2025, 12:54pm
10
Unfortunately the issue still persist.
tharshith
August 1, 2025, 2:34pm
11
Try only putting Attribute path as $[*].id and Remove root path completely.
MBaraka
August 1, 2025, 4:51pm
12
Tried it before and it didn’t work.
MBaraka
August 5, 2025, 1:38pm
13
Any hint on this one guys?
trettkowski
August 5, 2025, 1:52pm
14
Hi @MBaraka , can you try with the path below? I know someone already gave you this one, but please try that and make an after rule that prints the rawResponseObject & processedResponseObject? This will point you in the right direction to what it’s grabbing from the raw data and how it’s being formatted into the processed data.
use Root path = $[*]
Hopefully this will point you in the right direction to what’s wrong with the mapping. Worst case, you may need an after rule to format the data properly.
MBaraka
August 14, 2025, 1:19pm
15
Hi @trettkowski
Thank you for your response.
I figured out that if the user has more than 1 role the roles not being grabbed but if he has only 1 role it appears.
MBaraka
September 7, 2025, 7:05am
16
It was solved by adding the roles in the after-provision rule of the operation.
import java.util.HashMap;
import java.util.Map;
import java.util.ArrayList;
log.info("After Operation Rule Started");
if (rawResponseObject != null) {
log.info("Raw response: " + rawResponseObject.toString());
try {
// Parse the roles response
ArrayList rolesList = JsonUtil.toList(rawResponseObject);
log.info("Parsed roles array, size: " + rolesList.size());
// Extract role IDs/names
ArrayList result = new ArrayList();
for (int i = 0; i < rolesList.size(); i++) {
Map roleEntry = (Map) rolesList.get(i);
if (roleEntry != null) {
log.info("Processing role: " + roleEntry.toString());
// Try to get 'id' first, then 'name' as fallback
String roleValue = (String) roleEntry.get("id");
if (roleValue != null) {
result.add(roleValue);
log.info("Added role: " + roleValue);
}
}
}
log.info("Total roles extracted: " + result.size());
log.info("Roles list: " + result.toString());
// Create the special structure that SailPoint WebService connector expects
// for multi-valued attributes to work correctly
Map roleMap = new HashMap();
roleMap.put("MOIroles", result); // Use the attribute name from your mapping
ArrayList dataList = new ArrayList();
dataList.add(roleMap);
Map finalResult = new HashMap();
finalResult.put("data", dataList);
log.info("Final structured result: " + finalResult.toString());
log.info("=== Multi-Valued Roles Fix Completed ===");
return finalResult;
} catch (Exception e) {
log.info("ERROR processing roles: " + e.getMessage());
log.info("Returning original response due to error");
return rawResponseObject;
}
} else {
log.info("Raw response is null - returning null");
return null;
}
system
November 6, 2025, 7:05am
17
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.
