Workflow to trigger for user role removal

Hello,

I have a project requirement where I need to create a Workflow for user whose role starting with ‘FSM’ for particular Target source got removed and user has no roles exist that start with ‘FSM’ then email should be triggered to Particular group of users.

I have below created below workflow, but its not working.

1 Like

Hi @skotian ,

When you mentioned its not working, do you mean workflow is not getting triggered or it gets triggered but it doesn’t send out email?

It is getting trigged but at attribute value stage condition is not satisfied

Hi @skotian ,

First, I guess by using the filter on the provisioning completed, you make sure that this workflow is only triggered when there is a remove action on that particular source so there is no need to have a double check.

Regarding the check attribute value, I am assuming you are trying to check if the group being removed starts with “FSM”. Can you please try this filter instead : " $.trigger.accountRequests[1].attributeRequests[?(@.attributeName == “nameOfYourattribute”)].attributeValue "

I would also suggest that you use a webhook to get the trigger JSON and then use a tool like JSON Path Finder to help you with the JSON path you have to use. To setup the webhook workflow please check this post: Testing Workflows in IdentityNow Using Webhook.site - Content / Community Blog - SailPoint Developer Community

2 Likes

Thank you, still same attribute issue.

Hi @skotian ,

Referring to the Triggers - SailPoint Identity Services JSON sample, you can try below for the Check Attribute Value Step:

$.trigger.accountRequests[0].attributeRequests[?(@.attributeName == "<nameOfYourattribute>")].attributeValue

Also, agree with @MeKhalbi , you do not need Provisioning Operator to Remove Step.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.