Get Reference Identity Attribute

Overview

Use the get reference identity attribute transform as an out-of-the-box rule provided through SailPoint's Cloud Services Deployment Utility rule. The transform allows you to get the identity attribute of another user from within a given identity's calculation. For your convenience, the transform allows you to use "manager" as a referential lookup to the target identity.

Transform structure

The structure of a get reference identity transform requires the name of the referenced rule to be the Cloud Services Deployment Utility rule built by SailPoint. Additionally, you must set the operation to getReferenceIdentityAttribute and specify a uid attribute that correlates to the identity whose attribute is desired. Last, you must include the type and name attributes required for all transforms:

{
  "attributes": {
    "name": "Cloud Services Deployment Utility",
    "operation": "getReferenceIdentityAttribute",
    "uid": "manager",
    "attributeName": "email"
  },
  "type": "rule",
  "name": "Get Reference Identity Attribute Transform"
}

Top-level properties (required)

type string (required)
Must be set to rule.
name string (required)
The name of the transform as it will appear in the UI's dropdown menus.
requiresPeriodicRefresh boolean (optional)
Whether the transform logic should be reevaluated every evening as part of the identity refresh process. Default is false.

Attributes

The get reference identity attribute transform uses the following structure:

{
  "type": "rule",
  "name": "Transform Name",
  "attributes": {
    "name": "Cloud Services Deployment Utility",
    "operation": "getReferenceIdentityAttribute",
    "uid": "manager",
    "attributeName": "email"
  }
}

`attributes` (required)

The attributes object contains the rule configuration.

Required

name string (required)
Must be set to Cloud Services Deployment Utility.
operation string (required)
Must be set to getReferenceIdentityAttribute.
uid string (required)
The SailPoint User Name (uid) value of the identity whose attribute is desired. You can use the "manager" keyword to look up the user's manager and get that manager's identity attribute.
attributeName string (required)
The name of the identity attribute to retrieve from the referenced identity.

Examples

This transform gets the user's manager's email address.

Transform request body:

{
  "attributes": {
    "name": "Cloud Services Deployment Utility",
    "operation": "getReferenceIdentityAttribute",
    "uid": "manager",
    "attributeName": "email"
  },
  "type": "rule",
  "name": "Get Reference Identity Attribute Transform"
}

This transform gets the alternate phone number for the user identified as "corporate.admin".

Transform request body:

{
  "attributes": {
    "name": "Cloud Services Deployment Utility",
    "operation": "getReferenceIdentityAttribute",
    "uid": "corporate.admin",
    "attributeName": "phone"
  },
  "type": "rule",
  "name": "Get Reference Identity Attribute Transform"
}

Overview​

Transform structure​

Top-level properties (required)​

Attributes​

attributes (required)​

Required​

Examples​