Workgroup Sign-off Certification Error Second Level Approval

Hello,

We are currently utilizing IdentityIQ version 8.3 and are trying to debug a second level approver rule which utilizes workgroups to sign-off and certify the campaign. The rule type is CertificationSignOffApprover and returns a map back. We are getting the second level email to send to the workgroup member however we are running into an error where the member of the workgroup cannot signoff correctly and the campaign stays in an active state.

We have checked the Sailpoint api documentation and saw that calling the certifiers manager is the natural end to the escalation for this type of rule but we do not have that relation set up in our SailPoint environment.

We have attached the rule we are utilizing below. How can we modify our rule to have the workgroup member certify the campaign and finalize the results?

Rule

import sailpoint.api.ObjectUtil;
import sailpoint.object.Identity;

ObjectUtil obj = new ObjectUtil();

// Pass a hardcoded group name

Identity identityGroup=context.getObjectByName(Identity.class,  "Test Second Level");

Iterator members=obj.getWorkgroupMembers(context, identityGroup, null);

while(members.hasNext())
{
	Identity identityCube= (Identity)(members.next()[0]);
	if(identityCube == certifier)
	return null;
}

if (identityGroup != null) 
{
	Map results = new HashMap();
	results.put("identity", identityGroup);
	return results;
} 

else
{
	return null;
}

Hi @c-gawagner,

Try using the logic below for your requirement, which should work:

import sailpoint.object.*;
  import sailpoint.tools.Util.*;
  import sailpoint.tools.*;
  
  
  String IAMGrpName = "IAM Workgroup";

  List history = certification.getSignOffHistory();

  if(history!=null && !history.isEmpty() && Util.size(history) == 1){

    Map results = new HashMap();
    results.put("identityName", IAMGrpName);

    return results;
  }else{
    return null;
  }

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.