SAILPOINT IDENTITY IQ: Quicklink

Showing posts with label Quicklink. Show all posts

Sunday, January 12, 2020

Sailpoint Identity IQ SQL Quicklink Dynamic Scope and Quicklink Details

This query is used to get the details about the Quicklink Population (Dynamic Scope) , Quicklink and the condition for each population ,

the scope for the membership criteria and also the scope for the entitlement , Application and Role.

select SPT_DYNAMIC_SCOPE.NAME AS "Quicklink Population",  
SPT_DYNAMIC_SCOPE.DESCRIPTION AS "Quicklink Population Description",
SPT_DYNAMIC_SCOPE.ALLOW_ALL AS "Membership is ALL",
SPT_DYNAMIC_SCOPE.SELECTOR AS "Membership criteria",
SPT_DYNAMIC_SCOPE.POPULATION_REQUEST_AUTHORITY AS "Who can members request for",
SPT_DYNAMIC_SCOPE.ROLE_REQUEST_CONTROL AS "What can request Role",
SPT_DYNAMIC_SCOPE.APPLICATION_REQUEST_CONTROL AS "What can request Application",
SPT_DYNAMIC_SCOPE.MANAGED_ATTR_REQUEST_CONTROL AS "What can request Entitlements",
SPT_QUICK_LINK.NAME AS "Quicklink Name",
SPT_QUICK_LINK.CATEGORY AS "Quicklink Category",
SPT_QUICK_LINK.ACTION AS "Quicklink Action",
SPT_QUICK_LINK.ARGUMENTS,
SPT_QUICK_LINK_OPTIONS.ALLOW_BULK,
SPT_QUICK_LINK_OPTIONS.ALLOW_OTHER,
SPT_QUICK_LINK_OPTIONS.ALLOW_SELF,
SPT_QUICK_LINK_OPTIONS.OPTIONS
from SPT_DYNAMIC_SCOPE , SPT_QUICK_LINK ,SPT_QUICK_LINK_OPTIONS
where SPT_DYNAMIC_SCOPE.id=SPT_QUICK_LINK_OPTIONS.DYNAMIC_SCOPE 
and SPT_QUICK_LINK_OPTIONS.QUICK_LINK=SPT_QUICK_LINK.ID
and SPT_QUICK_LINK.NAME = 'Request Access'

SPT_DYNAMIC_SCOPE - Quicklink Population Deatils

SPT_QUICK_LINK  - Quciklink Details

SPT_QUICK_LINK_OPTIONS - QuickLink options for each quicklink

Monday, January 6, 2020

Sailpoint IIQ Quicklink External WebPage

Sailpoint Identity IQ Quicklink to call External WebPage

Creating a custom QuickLink population to call external webPage with few input is fairly straightforward. Below are the the following 4 steps which can be used to successfully setup a quicklink population.

1. Modify the System Configuration object from the debug page to add a separate category (Custom) under menu and in quicklink Population. follow link

– search for the entry key quickLinkCategories and add the line below as one of the list values.

2.Import the below file using the import Import Utility

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE sailpoint PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<sailpoint>
<QuickLink name="AustinTemperature" action="external" enabled="true" messageKey="Show Austin Weather"
                  category="Custom">
                  <Attributes>
                    <Map>
                      <entry key="url" value="https://www.yahoo.com/news/weather/united-states/texas/austin-2357536" />
                      <entry key="parameters">
                        <value>
                          <Map>
                            <entry key="w" value="12789690" />
                            <entry key="u" value="f" />
                            <entry key="v">
                            <value>
                              <Script>
                                <Source>
                                  return "script_parameter";
                                </Source>
                              </Script>
                            </value>
                            </entry>
                          </Map>
                        </value>
                      </entry>
                    </Map>
                  </Attributes>
   <QuickLinkOptions allowSelf="true">
      <DynamicScopeRef>
         <Reference class="sailpoint.object.DynamicScope" name="Everyone"/>
      </DynamicScopeRef>
   </QuickLinkOptions>
                </QuickLink>
</sailpoint>

3. logout and login again to see the quicklink under the custom category

4. Once we click on the Quicklink it will open the external site with the input param

Thursday, December 26, 2019

Sailpoint Identity IQ QuickLink WorkFlow Default Input

All the WorkFlow which are getting invoked from the Quicklink has below default input parameters.

currentUserName - Current User
launcher - Lanucher of this quicklink
quicklink - Name of the QuickLink
quickLinkIdentityId - Identity involved in this quicklink
quickLinkIdentityIds - Identity involved in this quicklink
sessionowner - Sessnion Owner
workflowName - WorkFlow which is getting trigger once we invoke the quicklink
trace - Logger for tracking
transient - Transient

Saturday, December 14, 2019

Sailpoint IIQ Quicklink Launch Workflow showing Form Value

Sailpoint IIQ Quicklink Launch Workflow showing Form Value

1. Create a quick link make sure the below category is created follow the step from the previous post

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE QuickLink PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<QuickLink action="workflow" category="Service Account Management" messageKey="Manage Service Account" name="Service Account View QuickLink">
  <Attributes>
    <Map>
      <entry key="workflowName" value="Service Account View Workflow"/>
    </Map>
  </Attributes>
  <Description>QuickLink to View Service Account in IIQ table</Description>
  <QuickLinkOptions allowSelf="true">
    <DynamicScopeRef>
      <Reference class="sailpoint.object.DynamicScope" name="Self Service"/>
    </DynamicScopeRef>
  </QuickLinkOptions>
</QuickLink>

2.Import the form created in the previous post

3.import the below Workflow

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Workflow PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Workflow explicitTransitions="true" name="Service Account View Workflow">
  <Variable editable="true" input="true" name="launcher">
    <Description>Launcher name.</Description>
  </Variable>
  <Variable initializer="true" name="transient"/>
  <Variable initializer="true" name="trace">
    <Description>Used for debugging this workflow and when set to true trace
      will be sent to stdout.</Description>
  </Variable>
  <Step icon="Start" name="Start" posX="229" posY="21">
    <Transition to="Display Form"/>
  </Step>
  <Step icon="Approval" name="Display Form" posX="427" posY="21">
    <Approval mode="serial" name="Display Form" owner="ref:launcher">
      <Arg name="workItemType" value="Approval"/>
      <Arg name="workItemDescription" value="Service Account Details"/>
      <Arg name="workItemForm" value="string:Service Account Details Form"/>
      <Arg name="workItemFormBasePath"/>
    </Approval>
    <Description>
       Display the Service Account form .
    </Description>
    <Transition to="Stop"/>
  </Step>
  <Step icon="Stop" name="Stop" posX="611" posY="21"/>
</Workflow>

Thursday, December 12, 2019

Sailpoint IIQ Form - Reading Value from IIQ Database

Below is the sample Form in which most of the value of the field is read from the IIQ Custom 
Table DB . in the previous posts we have seen the sample code for reading the data from IIQ Database.
Create a Table in IIQ Database name VIS_SERVICE_ACCOUNT with below fields

ACCOUNT_ID
APPLICATION_NAME
ACCOUNT_DESCRIPTION
OWNER
INTERACTIVE

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Form PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Form name="Service Account Details Form" type="Workflow">
  <Attributes>
    <Map>
      <entry key="pageTitle" value="Service Account Details Form"/>
    </Map>
  </Attributes>
  <Section>
    <Field displayName="Account Identifier" helpKey="Account ID of Service Account" name="accountID" postBack="true" required="true" type="string">
      <AllowedValuesDefinition>
        <Script>
          <Source>
   import sailpoint.tools.Util;
   import sailpoint.tools.GeneralException;
   import org.apache.log4j.Logger;

   Logger logger= Logger.getLogger("vis.form.ServiceAccount.fields");

   List itemList = new ArrayList();
            
   try{

   String  columnSearch = "ACCOUNT_ID";
   String  tableName = "VIS_SERVICE_ACCOUNT";
   String  conditionColumnName = "ACCOUNT_ID";
   String  sqlStatement ="select "+columnSearch+" from "+tableName;
   Iterator it = context.search("sql:"+sqlStatement, null,null);

    while ((null != it) &amp;&amp; it.hasNext()) {
      String i= it.next();
      if(!itemList.contains(i)) {
       itemList.add(i);
      }
    }
   Util.flushIterator(it);
   }
   catch(GeneralException ex){
    logger.error("Error in AppEdit form : " +ex.getMessage());
   }
   return itemList;
          </Source>
        </Script>
      </AllowedValuesDefinition>
    </Field>
    <Field displayName="Application Name" displayType="combobox" helpKey="Application Name of the Service Account" name="applicationName" postBack="true" required="true" type="string">
      <AllowedValuesDefinition>
        <Script>
          <Source>
   import sailpoint.tools.Util;
   import sailpoint.tools.GeneralException;
   import org.apache.log4j.Logger;

   Logger logger= Logger.getLogger("vis.form.ServiceAccount.fields");
   List itemList = new ArrayList();
            
   try{

   String  columnSearch = "APPLICATION_NAME";
   String  tableName = "VIS_SERVICE_ACCOUNT";
   String  conditionColumnName = "ACCOUNT_ID";
   String  sqlStatement ="select "+columnSearch+" from "+tableName + " where ACCOUNT_ID ='"+ accountID + "'";
            System.out.println("sqlStatement = " + sqlStatement);
   Iterator it = context.search("sql:"+sqlStatement, null,null);

    while ((null != it) &amp;&amp; it.hasNext()) {
      String i= it.next();
      itemList.add(i);
    }
   Util.flushIterator(it);
   }
   catch(GeneralException ex){
    logger.error("Error in AppEdit form : " +ex.getMessage());
   }
   return itemList;
          </Source>
        </Script>
      </AllowedValuesDefinition>
      <Attributes>
        <Map>
          <entry key="hidden">
            <value>
              <Script>
                <Source>if(accountID==null || accountID ==void){
                  return true;
                }</Source>
              </Script>
            </value>
          </entry>
        </Map>
      </Attributes>
    </Field>
    <Field displayName="Account Description" dynamic="true" helpKey="Description of Service Account" name="accountDescription" type="string">
      <Attributes>
        <Map>
          <entry key="hidden">
            <value>
              <Script>
                <Source>if(accountID==null || accountID ==void || applicationName==null || applicationName ==void){
                  return true;
                }</Source>
              </Script>
            </value>
          </entry>
          <entry key="readOnly" value="true"/>
        </Map>
      </Attributes>
      <Script>
        <Source>
          if(accountID!=null){
     String  columnSearch = "ACCOUNT_DESCRIPTION";
     String  tableName = "VIS_SERVICE_ACCOUNT";
     String  conditionColumnName = "ACCOUNT_ID";
     String  sqlStatement ="select "+columnSearch+" from "+tableName+" where "+conditionColumnName+"='"+accountID+"'"+" and APPLICATION_NAME ='"+applicationName+"'";
     Iterator  itr = context.search("sql:"+sqlStatement, null,null);
     while(itr.hasNext()){
      String accountDescription =  itr.next();
      if(accountDescription!=null){
     return accountDescription;
      }
     }
         }
        </Source>
      </Script>
    </Field>
    <Field displayName="Account Owner" dynamic="true" helpKey="Owner of the Service Account" name="owner" type="sailpoint.object.Identity">
      <Attributes>
        <Map>
          <entry key="hidden">
            <value>
              <Script>
                <Source>if(accountID==null || accountID ==void || applicationName==null || applicationName ==void){
                  return true;
                }</Source>
              </Script>
            </value>
          </entry>
          <entry key="readOnly" value="true"/>
        </Map>
      </Attributes>
      <Script>
        <Source>         
        if(accountID!=null){
     String  columnSearch = "OWNER";
     String  tableName = "VIS_SERVICE_ACCOUNT";
     String  conditionColumnName = "ACCOUNT_ID";
     String  sqlStatement ="select "+columnSearch+" from "+tableName+" where "+conditionColumnName+"='"+accountID+"'"+" and APPLICATION_NAME ='"+applicationName+"'";
     Iterator  itr = context.search("sql:"+sqlStatement, null,null);
     while(itr.hasNext()){
      String owner =  itr.next();
      if(owner!=null){
     return owner;
      }
     }
          }</Source>
      </Script>
    </Field>
    <Field displayName="Interactive" dynamic="true" helpKey="Service Account is Interactive or Non-Interactive" name="interactive" type="string">
      <AllowedValuesDefinition>
        <Value>
          <List>
            <String>Yes</String>
            <String>No</String>
          </List>
        </Value>
      </AllowedValuesDefinition>
      <Attributes>
        <Map>
          <entry key="hidden">
            <value>
              <Script>
                <Source>if(accountID==null || accountID ==void || applicationName==null || applicationName ==void){
                  return true;
                }</Source>
              </Script>
            </value>
          </entry>
          <entry key="readOnly" value="true"/>
        </Map>
      </Attributes>
      <Script>
        <Source>
          if(accountID!=null){
     String  columnSearch = "INTERACTIVE";
     String  tableName = "VIS_SERVICE_ACCOUNT";
     String  conditionColumnName = "ACCOUNT_ID";
     String  sqlStatement ="select "+columnSearch+" from "+tableName+" where "+conditionColumnName+"='"+accountID+"'"+" and APPLICATION_NAME ='"+applicationName+"'";
     Iterator  itr = context.search("sql:"+sqlStatement, null,null);
     while(itr.hasNext()){
      String interactive =  itr.next();
      if(interactive!=null){
     return interactive;
      }
     }
          }
        </Source>
      </Script>
    </Field>
  </Section>
  <Button action="back" label="Cancel"/>
</Form>

Wednesday, November 27, 2019

Sailpoint Identity IQ Reading Data from Custom Table

Reading Data from the Custom Table created in the Sailpoint identity IQ Database ,

Once the table is created within the IdentityIQ database, it can be queried like any JDBC connection. However, the advantage of using a table within the IdentityIQ database is that the connection to the database can be obtained from the IIQ context rather than having to store the URL, username, and password within the code itself.

Below sample code can be used in any places , such as showing the data in the Form (from custom table) , Rules or Workflow

   List itemList = new ArrayList();
            
   try{

   String  columnSearch = "ACCOUNT_ID";
   String  tableName = "VIS_SERVICE_ACCOUNT";
   String  conditionColumnName = "ACCOUNT_ID";
   String  sqlStatement ="select "+columnSearch+" from "+tableName;
   Iterator it = context.search("sql:"+sqlStatement, null,null);

    while ((null != it) &amp;amp;&amp;amp; it.hasNext()) {
      String i= it.next();
      if(!itemList.contains(i)) {
       itemList.add(i);
      }
    }
   Util.flushIterator(it);
   }
   catch(GeneralException ex){
    logger.error("Error in form : " +ex.getMessage());
   }
   return itemList;

Saturday, May 4, 2019

QUICKLINK POPULATIONS IN IIQ

Creating a custom QuickLink population to add to IIQ OOTB menu is fairly straightforward. Below are the the following 4 steps which can be used to successfully setup a quicklink population.

1. Modify the System Configuration object from the debug page to add a separate category under menu and in quicklink Population.

– search for the entry key quickLinkCategories and add the line below as one of the list values.

<QuickLinkCategory cssClass="quickLinkCategoryCustom" enabled="true" messageKey="Business Unit and Cost Center Section" name="Business Unit and Cost Center Section" ordering="4"/>

2. Create the Quicklink object, The action tag specifies the action to be performed when the link is invoked while the category specifies which category in the menu the link will go under. Here in below example we are invoking the Custom WF “Business Unit Attribute Update Workflow” when we click on the Quicklink

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE QuickLink PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<QuickLink action="workflow" category="Business Unit and Cost Center Section" messageKey="Update Business Unit Attribute" name=” Business Unit Update Attribute QuickLink">
<Attributes>
<Map>
<entry key="workflowName" value=" Business Unit Attribute Update Workflow"/>
</Map>
</Attributes>
<Description>QuickLink for Updating Business Unit Attribute in IIQ table</Description>
</QuickLink>

3.Navigate to Global Settings —> QuickLink Populations. Under QuickLinks tab you will see the category that was entered in the System Configuration.

-Select the Category —> Business Unit and Cost Center Section.

Select the quicklink and configure it by clicking on the radio button when configure option is selected, then select an option for running it for self or others.

4. Login to sailpoint and see if the Custom Quicklink and Quicklink Category is created, here we can see the Quicklink "Update Cost Center Type" is created under the "Business Unit and Cost Center Section" category.