Hello, I have a workflow which sends an email when a lifecycle state changes to ‘terminated’. We identified a stakeholder who needs to receive this email if a very small subset of users terminate. Their list is purely ad-hoc. I would like to add these users to an Active Directory Entitlement, then expand our current workflow to do some sort of Compare Operator. If true, then send the stakeholders an email.
See attached screenshot of my current workflow. Compare String 1 is irrelevant. It identifies terminated users. This works fine.
Compare String 2 is the part I am playing with. I am trying to get a list of user entitlements/roles THEN do some sort of compare operator to identify who is/not a member of the relevant subset.
Is this possible using just the Get Identity action?
Should I be utilizing the Get Access action? (I feel like this is the correct course)
If so, I assume that I would use the $.trigger.identity.id variable. I am not sure how to proceed from here.
I could not iterate with the getAccess action result. Instead I have used an API search to retrieve all data from some identity, including the accesses. I used it to remove all entitlements of some user, detailed is here:
In your case, you should remove the http request action that is inside loop, change the loop filter by something like: