Webservice Connector - Create Account Operation - Empty Response

Identity Security Cloud (ISC) ISC Discussion and Questions
,
1

Hi there, could you help me please?

My Account Schema:

image
image1908×845 51.5 KB

Account ID is “login”.

My create endpoint after create operation only return a empty object

image
image1432×414 34.3 KB

What to do if generated login is not returned in the create account response?

This empty response is causing this problem, the account gets “???”

image
image1918×470 28.9 KB

2

Hello @denanife,

This is tricky to solve since no data is returned. Unfortunately, if no other endpoints to fetch/filter users is available, you may need to wait until next aggregation for the data to resolve.

If you have an API endpoint available that allows for finding the account off of a filter with an account attribute that you know (ex. /accounts?filter=name eq ‘’), you could use an After Operation rule to query off of the known information and fetch the generated account ID. For example:

  1. Use restClient.executeGet() for the filterable endpoint using the requestEndPoint.getBody() information that was sent on the create request.
  2. Return an updated map with the account information that you are able to fetch.

For information on the Java calls to use within the rule check out this.

In theory, you can do this After Operation rule to mock a response object with the requested information even if you don’t have the filter endpoint, but you wouldn’t have the account ID until next aggregation.

Is there a filterable endpoint that could work for you? If you give this a go, let me know how it works for you :slight_smile:

6 Likes
3

Dear Ventaja,

It’s not the response empty issue, we are not reading create account response to sailpoint.

It was the issue due to getting user login id and account name into sailpoint.

Check your Single Account Aggregation Response schema have you provided attribute and proper schema path or not?

Check user activity from search either user account provisioned with login ID or not?

Best Regards,
Siva.K

1 Like
4

Hi my friend, first I use this AfterRule and I get the login

Map mapping = requestEndPoint.getResMappingObj();

Map body = requestEndPoint.getBody();
String jsonBody = (String) body.get("jsonBody");

Now, how I return an updated map with the account information?

Can you help me?

5

Hi @denanife,
Couple of things before you can go to AfterOperationRule.

  1. What does your create API return as a response. Does it give you any id which belongs to the account that is created. If yes first you need to map that as resMappingObj in create operation
  2. Once you have the response you can take that value in WebServiceAfterOperationRule and do something like this.

String idFromResponse = null;

        for (Map iterateMap : processedResponseObject) {
            log.info("id ::" + iterateMap.get("id"));
            
            if(iterateMap != null && iterateMap.get("id") != null) {
                idFromResponse = (String) iterateMap.get("id");
                log.info("id that is created after the account creation::" + idFromResponse);
            }
        }

You can use the above id to make get call and prepare updatedMapInfo.

For more samples you can refer this link

Thanks,
Uday

1 Like
6

Something along the lines of this should is what I was talking about:

import java.util.HashMap;
import java.util.Map.Entry;
import java.util.Map;
import java.util.List;
import java.util.ArrayList;
import java.text.ParseException;

Map updatedMapInfo = new HashMap();
List finalList = new ArrayList();
Map body = requestEndPoint.getBody();
String jsonBody = (String) body.get("jsonBody");

Map jsonMap = JsonUtil.toMap(jsonBody);
if (jsonMap != null) {
    for (int i = 0; i < processedResponseObject.size(); i++) {
        Map responseMap = (Map) processedResponseObject.get(i);

        // Get Login from requestEndpoint
        String login = (String) jsonMap.get("login");

        // Get ID
        List allowedStatuses = requestEndPoint.getResponseCode();
        Map header = requestEndPoint.getHeader();
        String fullUrl = requestEndPoint.getFullUrl(); // Can change the URL to what the filter is.
        String createdAccountFiltered = restClient.executeGet(fullUrl + "?login=" + login, header, allowedStatuses);
        Map createdAccountMap = JsonUtil.toMap(createdAccountFiltered);
        String accountId = createdAccountMap.get("id");

        // Add info to response
        responseMap.put("id", accountId);
        responseMap.put("login", login);
        responseMap.put("<some-attribute>", jsonMap.get("<some-attribute>"));

        finalList.add(responseMap);
    }

    updatedMapInfo.put("data", finalList);
}

return updatedMapInfo;

Don’t forget to add try/catch for exceptions and to add additional logging for debugging. You can catch the log statements by turning on CCG debug logging for the connector and viewing the ccg.log file on the VA.

3 Likes
7

I forgot to mention in my previous post, but ensure that you add the response mapping configuration to the operation in the UI for this to work correctly.

1 Like
8

Thank u so much @bcariaga, previous post worked well!!

1 Like
9

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.