Webservice Application

kiran_sai · September 11, 2021, 3:11pm

Hi Sailors,

I have created a webservice Application. we are facing few issues as detailed below:
ISSUE 1 : When a user raise the request for multiple entitlements, (for Example - creating the account and updating the same) then those two requests are hitting the connector as individual tasks at the same time and both are having the operation Type as Create (Instead of one as Create and other as Modify).
We need your siggestion to handle the requests one after the other(second request as modify)

ISSUE 2 : When a user with Entitlements A, B, C is raising request for multiple entitlements such X & Y, then two requests (X,Y) are hitting the connector as individual tasks at the same time and both are having the operation type as Modify… Then the user should get the Profile updated as A, B, C, X,Y.
But, for some requests we are facing the overlap/Wipe-off issue.

Reason: The two requests (X,Y) are hitting the connector as individual two tasks at the same time, this is leading to create two JSON’s A,B,C,X for request 1 and A,B,C,Y as request 2.

API behaviour is if you want to do any modify operation you need to collect the existing profiles/Entitlements of the user and send in modify JSON if we miss any profile then that access will be wiped off from the target system.

Example:
If User have entitlement A, B, C
then we raise request for X & Y
if B hits the connector 1st then MODIFY request JSON should be like below
{ ProfileName : [A,B,C,X] }
if c hits the connector next then MODIFY request JSON should be like below
{ ProfileName : [A,B,C,X,Y] }

Can you please help us to sort this issue.

Thanks,
Saikiran D

adam_creaney · September 13, 2021, 4:13pm

Hi Saikiran! Welcome to the forums.

The web services connector is pretty flexible, so we should be able to work this out. First - what version of IdentityIQ are you using?

Next, for your ‘Add Entitlement’ operation, are you using a PUT or a PATCH operation?

For ISSUE 1 - to bucket the create request and the add entitlements into a single operation (if your endpoint supports this) - there is a createAccountWithEntReq flag that you can set in the application xml.

ISSUE 2 - this sounds like your operation is a PUT operation and causing the override behavior. Does your endpoint have a PATCH equivalent? If not - you can also create a WebServicesBeforeOperationRule on your ‘Add Entitlement’ endpoint. Here you could get the body directly from the ‘requestEndPoint’ input variable, and directly modify the JSON body to include the users existing entitlements so they are not removed when you add new ones.

Topic		Replies	Views
Webservice connector Add Entitlement issue IIQ Discussion and Questions webservice-connector , identityiq	6	59	September 30, 2024
Add Entitlement Operation in webservice connector IIQ Discussion and Questions webservice-connector , identityiq	1	19	November 7, 2024
Adding multiple entitlements with separate api calls in one request IIQ Discussion and Questions webservice-connector , identityiq	25	139	November 1, 2024
Web service operation provisioning IIQ Discussion and Questions webservice-connector , identityiq , provisioning , entitlements	11	157	August 4, 2024
Web service connector add entitlement throwing Update Account error IIQ Discussion and Questions webservice-connector , identityiq	5	45	October 21, 2024

Webservice Application

Related topics