By default, all IdentityNow sites, also known as orgs, have an org time zone set to CST/CDT. This org time zone affects a number of system internal task schedules that run regularly, such as the periodic nightly refresh. For more on time zones, see Time Zones in IdentityNow.
You can change the org time zone using the APIs defined below. Setting the timeZone for an org will cause task schedules for the org to use that time zone instead of the default (CST).
NOTES:
Prerequisites
Authentication through the API Gateway, which returns a Java Web Token (JWT). This token is used to provide Bearer token authentication for subsequent calls to the configuration API endpoints. For more information about JWT authentication, see Best Practices: IdentityNow REST API Authentication.
List Valid Time Zone Values can be run by any IdentityNow user.
To run Get Org Configuration, you must be signed in to IdentityNow and strongly authenticated into the Admin interface. You can be either an IdentityNow administrator or a cert-admin.
To run Set Org Time Zone, you must be signed in to IdentityNow and strongly authenticated into the Admin interface as an IdentityNow administrator.
NOTES: Any given JWT will expire after a preset time period, requiring re-authentication. For more information about JWT authentication, see Best Practices: IdentityNow REST API Authentication.
GET beta/org-config
PATCH beta/org-config <org config patch json>
GET beta/org-config/valid-time-zones
In the following examples, <org> is the org name and <JWT string> is the generated JWT for a valid API client user.
The user for the JWT in the following invocation is required to be either an IdentityNow administrator or a cert-admin.
Command Line Invocation:
curl -v "https://<org>.api.identitynow.com/beta/org-config" -H "Authorization: Bearer <JWT string>"
Result:
{"orgName":"<org>","timeZone":"America/Chicago"}
The user for the JWT in the following invocation is required to be an IdentityNow administrator.
Command Line Invocation:
curl -X PATCH -d '[{ "op": "replace", "path": "/timeZone", "value": "America/Chicago" }]' -v "https://<org>.api.identitynow.com/beta/org-config" -H "Content-Type:application/json-patch+json" -H "Authorization: Bearer <JWT string>"
Result:
{"orgName":"<org>","timeZone":"America/Chicago"}
The user for the JWT in the following invocation may be any valid user.
Command Line Invocation:
curl -v "https://<org>.api.identitynow.com/beta/org-config/valid-time-zones" -H "Authorization: Bearer <JWT string>"
Result:
["Asia/Aden","America/Cuiaba","Etc/GMT+9","Etc/GMT+8","Africa/Nairobi","America/Marigot","Asia/Aqtau","Pacific/Kwajalein","America/El_Salvador","Asia/Pontianak","Africa/Cairo", ...]
NOTE: The very long result value list is abbreviated here.
If using Postman to PATCH an org timezone, provide the payload as Body set to text/plain, and provide the raw content per example below.
[ {
"op" : "replace",
"path" : "/timeZone",
"value" : "America/Chicago"
} ]
The url mentioned in doc is
curl -v "https://<org>.api.cloud.sailpoint.com/beta/org-config/valid-time-zones" -H "Authorization: Bearer <JWT string>"
The part which says "<org>.api.cloud.sailpoint.com" should be "<org>.api.identitynow.com"
The link to the "Time Zones in IdentityNow" mentioned at the end of the first paragraph doesn't work.
Can you please share it?
If I understand correctly changing the timezone will allow me to have the "backend" schedules running at the same time but in my new timezone, right? Instead of 8am/8pm CST for the consolidated refresh, it will be 8am/8pm GMT-1 for example?
@jbacoyannis not sure if this is still relevant after almost 2 years, but the link to "Time Zones in IdentityNow" worked for me. The path is https://documentation.sailpoint.com/saas/help/common/time-zones.html
Also, yes, your understanding is correct. Setting the org timezone would cause scheduled tasks to run at that time, but in your local timezone instead of US Central.
Hope that helps!
Rich