Workflow - Remove access and disable accounts

We are working on a termination workflow in which the user’s account gets disabled along with access removal. We want this termination to remove access only for some specific sources, where we can filter access based on source name or source ID

However, the search query I’m using to filter these applications isn’t producing the expected results.

{
“query”: {
“query”: “@accounts(source.name:SAP) OR @accounts(source.name:SAP_GRC) OR @accounts(source.name:SAP_HANA)”
},
“sort”: [
“name”
]
}

Please let us know if you have a better approach.

Hi @Dharani_01 ,
Use get Accounts actions and after that use manage accounts to disable specific sources. use this json path to detect specific sources $.getAccounts.accounts[?(@.sourceName==‘sourceName’)].id

Hey @Dharani_01,

You are planning to disable the accounts of user using a workflow. Have you tried using Lifecycle States ?

You could perform disable/delete operation based on the lifecycle user’s identity. If the identity status is updated to Terminated, it will automatically disable the accounts in the specified source.

1 Like

I think that using single quotes in the JSON Path is incorrect, and "..." should be used.
You can see that single quotes don’t work correctly if you have a ) in your source name.

Hi @Dharani_01

Can you try testing this search query to filter the accounts from specific sources?

{
    "indices": [
        "identities"
    ],
    "query": {
        "query": "@accounts(source.name:'SAP') OR @accounts(source.name:'SAP_GRC') OR @accounts(source.name:'SAP_HANA')"
    },
    "queryResultFilter": {
        "includes": [
            "name", "id"
        
        ]
    }
    }

Also, if you want to remove their access profiles from specific sources then you can use this filter in the Loop Input.

$.hTTPRequest.body[0].access[?((@.type == "ACCESS_PROFILE" && @.source.name == "SAP") || (@.type == "ACCESS_PROFILE" && @.source.name == "SAP_GRC") || (@.type == "ACCESS_PROFILE" && @.source.name == "SAP_HANA")]

Hope this would help.

Thanks

1 Like

Hi @nhassan ,

thanks, I was looking into the same. Additionally, in that query, can I include filter for specific users? For example, if a particular user has accounts in any of the sources, I need the that particular source name to be included in the query output. Is that possible.

@Dharani_01 Sorry for the late reply.

You can try using these search queries that should give you accounts of a specific user including sources names/Ids and then apply an operator to get/compare the desired results and then proceed with next steps in the workflow.

{
    "indices": [
        "identities"
    ],
    "query": {
        "query": "id:Id_of_the_Identity"
    },
    "queryResultFilter": {
        "includes": [
            "id", "displayName", "email", "accounts"
                   ]
}
}

OR

"query": "id:{{$.trigger.identity.id}}"

OR

"query": "attributes.title: \"IAM Engineer\""

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.