Workflow to remove all access that contains "Managed Users"

Yathish · January 19, 2024, 6:07am

Need to remove the groups based on below conditions

Type = Entitlement
Source Name = Active Directory - Users
Value Contains “Managed Users”

The below filter is working fine to remove all the groups for 1st 2 conditions
$.hTTPRequest.body[0].access[?(@.type == “ENTITLEMENT” && @.source.name == “Active Directory - Users”)] but when i try to include the 3rd condtion the workflow breaks or skips the Loop.

Filters I have tried till now:

$.hTTPRequest.body[0].access[?(@.type == “ENTITLEMENT” && @.source.name == “Active Directory - Users” && ‘Managed Users’ in @.value )]
$.hTTPRequest.body[0][?(@.type == “ENTITLEMENT” && @.source.name == “Active Directory - Users” && @.value =~ /.Managed Users./)]
3)$.hTTPRequest.body[0].access[?(@.type == “ENTITLEMENT” && @.source.name == “Active Directory - Users” && contains(@.value, ‘Managed Users’))]

baoussounda · January 19, 2024, 6:52am

Hello @Yathish ;

Can you try on of this filter ?

$.hTTPRequest.body[0].access[?(@.type == “ENTITLEMENT” && @.source.name == “Active Directory - Users” && @.value contains "Managed Users")]

$.hTTPRequest.body[0].access[?(@.type == “ENTITLEMENT” && @.source.name == “Active Directory - Users” && @.value in [‘Managed Users’])]

Yathish · January 19, 2024, 8:40am

Hi @baoussounda , Thanks for the response

Both the filters are not working, The Workflow just skips the loop as usual

In the image above, i have used both the filters on Loop and only this filter on Verify datatype $.hTTPRequest.body[0].access[?(@.type == “ENTITLEMENT” && @.source.name == “Active Directory - Users”)]

In the Loop Filter it takes as data not exist…

timahm · January 19, 2024, 10:15am

Hello,

Indeed, adding additional steps outside of the loop between the Loop operator and the end step is not recommended. Please refer to the SP doc.

Do not hesitate to share the workflow script and the need.

Regards,

baoussounda · January 19, 2024, 12:00pm

Where you use your filter.

Can you please add screeshot ?

Yathish · January 19, 2024, 12:08pm

Using this workflow as reference : Workflow to remove access by identity based on special conditions

Attaching the Screenshot of where I’m using the filter

baoussounda · January 19, 2024, 12:23pm

After your test execution, you can click on loop and see input data at loop level.

You can retrieve this input test filter on this input here : Online JSONPath Evaluator Tool (javainuse.com)

Yathish · January 19, 2024, 1:31pm

@baoussounda, The Filter $.hTTPRequest.body[0].access[?(@.type == “ENTITLEMENT” && @.source.name == “Active Directory - Users” && @.value contains “Managed Users”)] ]is working fine in the website, But these are the observations i found in the workflow

When using the filter without contains just the 1st 2 conditions the LoopInput have data
Whenever we put Contains then the loop’s “input” becomes null as shown below

system · March 19, 2024, 1:31pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Mark Entitlements Non Requestable ISC Discussion and Questions workflows , identity-security-cloud , entitlements	4	229	March 24, 2024
Termination workflow to add a condition where we can check entitlement name and skip from revoking ISC Discussion and Questions workflows , identity-security-cloud , entitlements	4	190	May 12, 2024
Workflow to remove access by identity based on special conditions ISC Show and Tell workflows , identity-security-cloud	9	998	March 27, 2024
Workflow - Remove Requested Roles on Termination ISC Discussion and Questions workflows	6	1596	July 19, 2023
Workflow - Loop Input Filter ISC Discussion and Questions workflows , identity-security-cloud	6	233	March 20, 2024

Workflow to remove all access that contains "Managed Users"

Related Topics