Showing posts with label Entitelment. Show all posts
Showing posts with label Entitelment. Show all posts

Sunday, April 4, 2021

Sailpoint IdentityIQ User Application Entitlement Report

 User Application Entitlement Details Report

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE TaskDefinition PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<TaskDefinition executor="sailpoint.reporting.LiveReportExecutor" name="VIS Identity Entitlements Detail Report" progressMode="Percentage" resultAction="Rename" subType="Identity and User Reports" template="true" type="LiveReport">
  <Attributes>
    <Map>
      <entry key="report">
        <value>
          <LiveReport title="User Entitlements Report for Application">
            <DataSource objectType="IdentityEntitlement" type="Filter">
              <QueryParameters>
                <Parameter argument="application" property="application.id"/>
              </QueryParameters>
            </DataSource>
            <Columns>
              <ReportColumnConfig field="identity" header="identity" property="identity.displayName" sortable="true" width="110"/>
              <ReportColumnConfig field="name" header="name" property="identity.name" sortable="true" width="110"/>
              <ReportColumnConfig field="application" header="label_application" property="application.name" sortable="true" width="110"/>
              <ReportColumnConfig field="attribute" header="label_attribute" property="name" sortable="true" width="110"/>
              <ReportColumnConfig field="value" header="entitlement" property="value" sortable="true" width="110"/>
              <ReportColumnConfig field="accountId" header="account_name" property="nativeIdentity" sortable="true" width="110"/>
            </Columns>
          </LiveReport>
        </value>
      </entry>
    </Map>
  </Attributes>
  <Description>Displays identity/account entitlement information.</Description>
  <RequiredRights>
    <Reference class="sailpoint.object.SPRight" name="FullAccessIdentityEntitlementReport"/>
  </RequiredRights>
  <Signature>
    <Inputs>
      <Argument multi="true" name="application" type="Application">
        <Description>Applications  Entitlement deatils report for User</Description>
        <Prompt>applications</Prompt>
      </Argument>
    </Inputs>
  </Signature>
</TaskDefinition>

Thursday, August 29, 2019

SQL IDENTITY ENTITLEMENT DETAILS SAILPOINT IDENTITY IQ

This will get list of all the Entitlement details for the particular user

Select  SPT_IDENTITY.NAME AS "USER ID" ,SPT_APPLICATION.NAME AS "APPLICATION NAME", 
        SPT_IDENTITY_ENTITLEMENT.NATIVE_IDENTITY AS "ACCOUNT ID", 
        SPT_IDENTITY_ENTITLEMENT.VALUE  AS "ENTITLEMENT VALUE"
        from SPT_IDENTITY_ENTITLEMENT , 
             SPT_MANAGED_ATTRIBUTE , 
             SPT_APPLICATION ,
             SPT_IDENTITY 
        where 
            SPT_MANAGED_ATTRIBUTE.APPLICATION=SPT_IDENTITY_ENTITLEMENT.APPLICATION and
            SPT_MANAGED_ATTRIBUTE.VALUE = SPT_IDENTITY_ENTITLEMENT.VALUE and 
            SPT_IDENTITY_ENTITLEMENT.IDENTITY_ID = SPT_IDENTITY.ID and
            SPT_APPLICATION.ID=SPT_MANAGED_ATTRIBUTE.APPLICATION and
            SPT_IDENTITY.CORRELATED ='1' and
            SPT_IDENTITY.NAME=<NAME ATTRIBUTE>



This will get list of all the Entitlement details for the all the user's

Select  SPT_IDENTITY.NAME AS "USER ID" ,SPT_APPLICATION.NAME AS "APPLICATION NAME", 
        SPT_IDENTITY_ENTITLEMENT.NATIVE_IDENTITY AS "ACCOUNT ID", 
        SPT_IDENTITY_ENTITLEMENT.VALUE  AS "ENTITLEMENT VALUE"
        from SPT_IDENTITY_ENTITLEMENT , 
             SPT_MANAGED_ATTRIBUTE , 
             SPT_APPLICATION ,
             SPT_IDENTITY 
        where 
            SPT_MANAGED_ATTRIBUTE.APPLICATION=SPT_IDENTITY_ENTITLEMENT.APPLICATION and
            SPT_MANAGED_ATTRIBUTE.VALUE = SPT_IDENTITY_ENTITLEMENT.VALUE and 
            SPT_IDENTITY_ENTITLEMENT.IDENTITY_ID = SPT_IDENTITY.ID and
            SPT_APPLICATION.ID=SPT_MANAGED_ATTRIBUTE.APPLICATION and

            SPT_IDENTITY.CORRELATED ='1' and


Same Query can be modified and can be used to get the data with more details like extended attribute from Entitlement catalog or the Identity Attributes.


SPT_IDENTITY_ENTITLEMENT --> Contain relation between the Identity and Identity Entitlement.
SPT_MANAGED_ATTRIBUTE --> Contains the managed attributes details
SPT_APPLICATION --> Contain the Application related details
SPT_IDENTITY --> Contains all the User Identity Attributes