- Products & services Products & services
- Resources ResourcesLearning
- Learning
- Identity University Get technical training to ensure a successful implementation
- SailPoint professional certifications & credentials Advance your career or validate your identity security knowledge
- SailPoint recertification program Get recertified by demonstrating ongoing learning
- Training onboarding guide Make of the most of training with our step-by-step guide
- Training FAQs Find answers to common training questions
- Community Community
- Compass
- :
- Discuss
- :
- Community Wiki
- :
- IdentityIQ Wiki
- :
- Promoting entitlement into entitlement catalog using a custom task
- Article History
- Subscribe to RSS Feed
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Content to Moderator
Promoting entitlement into entitlement catalog using a custom task
Promoting entitlement into entitlement catalog using a custom task
I have scoured through our community and couldn't find a post for this requirement. If there is one that already exists, this is my version of it that works for me. We are on IIQ 7.2p2.
Create a feed file with your entitlement format requirements:
eg:
attribute, value, displayName, owner, requestable, application, type
groups,XYZ,Data Reader,Adam.Test,true,ABCs,Entitlement
Write a rule to promote it into the Entitlement catalog:
import sailpoint.object.TaskDefinition;
import sailpoint.object.*;
import sailpoint.object.TaskResult;
import sailpoint.tools.Message;
import java.util.ArrayList;
import sailpoint.object.Attributes;
import java.util.HashMap;
TaskDefinition td = context.getObject(TaskDefinition.class, "Update Entitlements Task");
String filePath = (String) td.getArgument("filePath");
System.out.println("Filepath:" + filePath);
BufferedReader br = null;
br = new BufferedReader(new FileReader(filePath));
if (br == null) {
if (tr != null) tr.addMessage(Message.error("Could not find or read the file", null));
return false;
}
System.out.println("not null");
String sCurrentLine;
String fileHeader = br.readLine();
if (fileHeader != null && fileHeader.contains(",") && fileHeader.contains("attribute") && fileHeader.contains("value")) &&
fileHeader.contains("displayName")) &&
fileHeader.contains("type")) &&
fileHeader.contains("owner")) &&
fileHeader.contains("Requestable")) &&
fileHeader.contains("applicationName")) {
while ((sCurrentLine = br.readLine()) != null) {
String[] csvValue = sCurrentLine.split(",", 7); //Split the current line on comma,
String value = csvValue[4].trim();
boolean b = Boolean.parseBoolean(value);
ManagedAttribute managerAttr = new ManagedAttribute();
Application app = context.getObjectByName(Application.class, csvValue[5].trim());
Identity id = context.getObjectByName(Identity.class, csvValue[3].trim());
managerAttr.setApplication(app);
managerAttr.setOwner(id);
managerAttr.setRequestable(b);
managerAttr.setDisplayName(csvValue[2].trim());
managerAttr.setAttribute(csvValue[0].trim());
managerAttr.setType(csvValue[6].trim());
managerAttr.setValue(csvValue[1].trim());
context.saveObject(managerAttr);
context.commitTransaction();
}
}
return "Success";
Reference this rule in to a "Run rule" Task and provide the filePath from your server. This can work for many applications at at time.
You can also throw in some try catch blocks for additional debugging.
Hopefully this helps.
Thank you
