Webservice account creation for the hierarchy role request

Identity Security Cloud (ISC) ISC Discussion and Questions
, , ,
1

Hi team,

We’re planning to implement webservice VA connector for one of the cloud applications. Account creation will be done using role request. Role is of array of objects. How this can be designed in SailPoint IdentityNow? I’ve provided postman sample for create user and get role API
Create User payload:

[
  {
    "userName": "atestuser1",
    "password": "Password123!",
    "name": {
      "firstName": "Test",
      "middleName": "A",
      "lastName": "User1",
      "displayName": "Test User1"
    },
    "email": "atestuser1@localhost.local",
    "phoneNumber": "555-555-5555",
    "roles": [
      {
        "type": "Close",
        "value": "CloseAdmin"
      },
      {
        "type": "Certification",
        "value": "Reconciler"
      },
      {
        "type": "Certification",
        "value": "ProgramAdmin"
      },
      {
        "type": "JournalEntry",
        "value": "Preparer"
      }
    ],
    "userAccess": {
      "r2RReadOnly": true,
      "r2RAdmin": false,
      "r2REnabled": true,
      "accessClose": true,
      "accessCompliance": true
    },
    "departmentId": "SALES",
    "locationId": "Americas",
    "programAdminId": "Admin"
  },
  {
    "userName": "atestuser2",
    "password": "Password345!",
    "name": {
      "firstName": "Test",
      "middleName": "A",
      "lastName": "User2",
      "displayName": "Test User2"
    },
    "email": "atestuser2@localhost.local"
  }
]

**Get Roles response from postman** 

[
  {
    "type": "Close",
    "value": "CloseAdmin"
  },
  {
    "type": "Certification",
    "value": "Reconciler"
  },
  {
    "type": "JournalEntry",
    "value": "Preparer"
  }
]
2

For this one you will need to define each operation in which you want to call on the WebServices Connector. You could also look at building your own connector using the SDK’s from SailPoint. When using the web services connector you will most likely have to build custom rules to apply to the response that are returned in you API calls. Please let us know if this helps.

Custom Connector:

Tools:

3

@Shonnegowda is there any API to get the all roles object available.
If yes please configure the below steps

1- Create an operation entitlement aggregation
2- Create an entitlement multivalued attribute in the account schema
3- Add the entitlement schema in entitlement type
4-Run the entitlement aggregation to get all groups
5-Setup create profile
6-Setup Add entitlement and Create account .
7- Request the role and check if it works

Let me know if you face any issues

4

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.