Register Sign in Need help? FAQ SailPoint directory
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Deeplinks/direct link to access management page: Manage user access

Deeplinks/direct link to access management page: Manage user access

 

Symptoms

Environment: Apache Tomcat 9.0.x and SailPoint IdentityIQ 8.0

Specific access request pages can be accessed through direct links using parameters. As per the administration guide below is the form that has to be used to make an Access Request using direct links. 

https://<hostname>/identityiq/ui/rest/redirect?rp1=/accessRequest/accessRequest.jsf&rp2=accessRequest/manageAccess/add?identityName=<identity1>&filterRoleType=<roleType1>&filterRoleStringAttr=<roleAttrib1>

 

https://<hostname>/identityiq/ui/rest/redirect?rp1=/accessRequest/accessRequest.jsf&rp2=accessRequest/manageAccess/add?identityName=<identity1>&filterEntitlementApplication=<entApp1>&filterEntitlementAttribute=<entAttrib1>&filterEntitlementEntitlement=<entValue1>

 

https://<hostName>/identityiq/ui/rest/redirect?rp1=/ui/index.jsf&rp2=accessRequest/review?identityName=<identity1>&entitlement=<entitlementId>

 

This direct links when used causes issue when the parameters are more than one. It somehow considers only the 1st parameter.

 

Solution

Replace & with %26 to add parameters in Direct links

https://<hostname>/identityiq/ui/rest/redirect?rp1=/accessRequest/accessRequest.jsf&rp2=accessRequest/manageAccess/add?identityName=<identity1>%26filterRoleType=<roleType1>%26filterRoleStringAttr=<roleAttrib1>

 

https://<hostname>/identityiq/ui/rest/redirect?rp1=/accessRequest/accessRequest.jsf&rp2=accessRequest/manageAccess/add?identityName=<identity1>%26filterEntitlementApplication=<entApp1>%26filterEntitlementAttribute=<entAttrib1>%26filterEntitlementEntitlement=<entValue1>

 

https://<hostName>/identityiq/ui/rest/redirect?rp1=/ui/index.jsf&rp2=accessRequest/review?identityName=<identity1>%26entitlement=<entitlementId>

 

 NOTE: Role and Entitlement for which the request has to be made should be Requestable.

Comments
anjaganathan_deloitte
‎Mar 05, 2021 05:27 PM
‎Mar 05, 2021 05:27 PM

Thanks. Very helpful.

mike818148
‎Aug 10, 2021 08:08 AM
‎Aug 10, 2021 08:08 AM

Hello @gaurav_khandelwal , 

Great thanks for such good post. 

Would like to ask if it's possible to also include the account selection in the deeplink, in our scenario, we have identity which has many application accounts (same application), as I know we don't have the a good UI for account selection in case of many accounts populated. So I am thinking deep link can be a possible solution here. 

I have tried the below deep link, but it's just for Identity selection and will bypass the account selection. Random account will be selected for the role assignment. Do you have any information which we can provide argument for account selection? 

http://192.168.15.128:8080/identityiq/ui/rest/redirect?rp1=/accessRequest/accessRequest.jsf&rp2=acce...?requesteeApp=QUQ%3D%26requesteeNativeIdentity=Q049RGF2aWQgSW4sT1U9SVQsT1U9SG9uZyBLb25nLERDPXNhaWxwb2ludCxEQz1kZW1v%26role=c0a80f8074ba19368174bdd1842a07b5

 

Thanks and Regards,

Mike

 

rohisuha1
‎Aug 20, 2021 03:07 PM
‎Aug 20, 2021 03:07 PM

I am unable to see manage user access from magnified glass on the left side.

when i type iiq console (as below) nothing happening or no error found

C:\Users\ragha\Downloads\apache-tomcat-9.0.52-windows-x64\apache-tomcat-9.0.52\webapps\identityiq\WEB-INF\bin>iiq console

C:\Users\ragha\Downloads\apache-tomcat-9.0.52-windows-x64\apache-tomcat-9.0.52\webapps\identityiq\WEB-INF\bin>

jva
‎Sep 30, 2021 10:04 AM
‎Sep 30, 2021 10:04 AM

Is there a way to have you own (currently logged in) Identity selected as a first step, when using a URL like this: https://<hostname>/identityiq/ui/rest/redirect?rp1=/accessRequest/accessRequest.jsf&rp2=accessRequest/manageAccess/add?filterKeyword=<RoleName>

If a person can select multiple identities, than the users first needs to select his own Identity in step 1, and in step 2 the filter value is lost.

binod_bista
‎Apr 12, 2023 11:30 PM
‎Apr 12, 2023 11:30 PM

Hi @mike818148 

Did you figure out the deep link for account selection?

Regards,

B.

mike818148
‎Apr 14, 2023 03:29 AM
‎Apr 14, 2023 03:29 AM

Hello @binod_bista,

At the moment nope. Instead, we have a plugin solution, which might help in your case, you can reference it here

The plugin is under to progress to become a freeware. If you are interested, please reach out to our sales mentioned in the post.

SriIndugula2704
‎Apr 20, 2023 06:22 PM
‎Apr 20, 2023 06:22 PM

Hi 

will remove also work in same way as add? for below, when we tried for remove it is showing blank screen, while Add is working perfectly.

https://<hostname>/identityiq/ui/rest/redirect?rp1=/accessRequest/accessRequest.jsf&rp2=accessRequest/manageAccess/remove?identityName=<identity1>

nbhansali
‎Aug 29, 2023 01:17 PM
‎Aug 29, 2023 01:17 PM

Is this possible in 8.3p3?

nbhansali
‎Aug 29, 2023 01:53 PM
‎Aug 29, 2023 01:53 PM

This is possible in 8.3p3 still! Just had an issue with my URL.

srimathiraman
‎Oct 13, 2023 02:34 AM
‎Oct 13, 2023 02:34 AM

Hi,

Add is working fine but if I try with remove getting a blank screen. Has anyone implemented quicklink for remove access review page?

 

Version history
Revision #:
7 of 7
Last update:
‎Jul 25, 2023 06:17 PM
Updated by:
Community Administrator
 
View Article History