Entitlement List
| Input/Output | Data Type |
|---|---|
| Input | StdEntitlementListInput |
| Output | StdEntitlementListOutput |
Example StdEntitlementListInput
{
"type": "group"
}
Example StdEntitlementListOutput
{
"identity": "john.doe",
"key": {
"simple": {
"id": "administrator"
}
},
"type": "group",
"attributes": {
"id": "administrator",
"name": "Administrator"
}
}
Description
The entitlement list command triggers during a manual or scheduled entitlement aggregation operation within IDN. This operation gathers a list of all entitlements available on the target source, usually multi-valued entitlements like groups or roles. This operation provides IDN administrators with a list of entitlements available on the source so they can create access profiles and roles accordingly, and it provides IDN with more details about the entitlements. The entitlement schema’s minimum requirements are name and ID, but you can add other values, such as created date, updated date, status, etc.
Defining the Schema
The entitlement schema is defined in the connector-spec.json file. Currently, only the multi-valued “group” type is supported. The following values are the minimum requirements, but you can add more attributes.
...
"entitlementSchemas": [
{
"type": "group",
"displayAttribute": "name",
"identityAttribute": "id",
"attributes": [
{
"name": "id",
"type": "string",
"description": "Unique ID of the group (ex. admin)"
},
{
"name": "name",
"type": "string",
"description": "The display name of the group (ex. Admin)"
}
]
}
],
...
Implementation
This can be implemented in the main connector file, index.ts:
...
.stdEntitlementList(async (context: Context, input: StdEntitlementListInput, res: Response<StdEntitlementListOutput>) => {
const groups = await airtable.getAllEntitlements()
for (const group of groups) {
res.send(group.toStdEntitlementListOutput())
}
})
...
...
...
public toStdEntitlementListOutput(): StdEntitlementListOutput {
return this.buildStandardObject();
}
private buildStandardObject(): StdEntitlementReadOutput | StdEntitlementListOutput {
return {
key: SimpleKey(this.id),
type: 'group',
attributes: {
id: this.id,
name: this.name
}
}
}
IDN will throw a connection timeout error if your connector doesn't respond within 3 minutes, and there are memory limitations involved with aggregating data. To prevent large memory utilization or timeout errors, you should set up your connectors to send data to IDN as it's retrieved from your source system. For more details and an example, refer to Connector Timeouts.