Last active
March 13, 2019 02:46
-
-
Save darrenjrobinson/0dad33c79b7f824c283372cd86b8db6b to your computer and use it in GitHub Desktop.
Change SailPoint IdentityNow Identity Profile Priority. Associated Blog Post https://blog.darrenjrobinson.com/changing-sailpoint-identitynow-identity-profiles-priorities-using-powershell/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Your API Client ID | |
$clientID = 'yourClientID' | |
# Your API Client Secret | |
$clientSecret = 'yourClientSecret' | |
$Bytes = [System.Text.Encoding]::utf8.GetBytes("$($clientID):$($clientSecret)") | |
$encodedAuth = [Convert]::ToBase64String($Bytes) | |
# Your IdentityNow Tenant Name | |
$orgName = 'yourOrgName' | |
# IdentityNow Admin User and PWD to connect with | |
$adminUSR = [string]"yourAdminname".ToLower() | |
$adminPWDClear = 'yourAdminPassword' | |
# Encode creds from above. Requires the PSCX Module | |
$passwordHash = Get-Hash -Algorithm SHA256 -StringEncoding utf8 -InputObject ($($adminPWDClear) + (Get-Hash -Algorithm SHA256 -StringEncoding utf8 -InputObject ($adminUSR)).HashString.ToLower()) | |
$adminPWD = $passwordHash.ToString().ToLower() | |
Clear-Host | |
# Base URI for Private API's (v1 APIs) | |
$baseURI = "https://$($orgName).identitynow.com" | |
# URI to get Token | |
$tokenURI = "https://$($orgName).identitynow.com/api/oauth/token?grant_type=password&username=$($adminUSR)&password=$($adminPWD)" | |
# Get Token | |
$token = Invoke-RestMethod -Method POST -Uri $tokenURI -Headers @{Authorization = "Basic $($encodedAuth)"} | |
if ($token) { | |
try { | |
# Get Identity Profiles List | |
$baseURI = "https://$($orgName).identitynow.com/api/profile/" | |
$headers = @{"Authorization" = "Bearer $($token.access_token)"; "Content-Type" = "application/json"} | |
$IdentityProfiles = Invoke-RestMethod -Method Get -uri "$($baseURI)list" -Headers $headers | |
$identityProfileOrderSelect = $IdentityProfiles | Select-Object -Property name, id, priority | Sort-Object -Property priority | |
$iProfiles = @() | |
[int]$order = 0 | |
foreach ($profile in $identityProfileOrderSelect) { | |
# Identity Profile Chooser | |
$iProfileName = New-Object -TypeName PSObject | |
$iProfileName | Add-Member -Type NoteProperty -Name ProfileName -Value $profile.name | |
$iProfileName | Add-Member -Type NoteProperty -Name Priority -Value $profile.priority | |
$iProfileName | Add-Member -Type NoteProperty -Name ID -Value $profile.id | |
$iProfiles += $iProfileName | |
$order++ | |
} | |
If ($iProfiles.Count -gt 1) { | |
$title = "Identity Profile Priority Changer" | |
$message = "Which Identity Profile are you wanting to change the priority of? Enter the Identity Profile name or accept the default." | |
# Build the choices menu | |
$choices = @() | |
For ([int]$index = 0; $index -lt $iProfiles.Count; $index++) { | |
$choices += New-Object System.Management.Automation.Host.ChoiceDescription $iProfiles[$index].ProfileName, ($iProfiles[$index]).Priority | |
} | |
Clear-Host | |
write-host "The current Identity Profiles Priorities are:" | |
Write-Output $iProfiles | out-host | |
# Identity Profile to move | |
$options = [System.Management.Automation.Host.ChoiceDescription[]]$choices | |
[int[]]$DefaultChoice = @($order - 1) | |
$result = $host.ui.PromptForChoice($title, $message, $options, $DefaultChoice ) | |
$targetProfile = $iProfiles[$result] | |
# Location to move to | |
Clear-Host | |
$message = "Which Identity Profile do you want it to have a higher priority than (e.g move it above it)?" | |
$options = [System.Management.Automation.Host.ChoiceDescription[]]$choices | |
[int[]]$DefaultChoice = @(0) | |
$result = $host.ui.PromptForChoice($title, $message, $options, $DefaultChoice ) | |
$higherThan = $iProfiles[$result] | |
write-host -ForegroundColor Yellow "$($targetProfile.ProfileName) will be moved above $($higherThan.ProfileName)" | |
$confirmation = Read-Host "Are you sure you want to change the priority of $($targetProfile.ProfileName)? Y / N" | |
if ($confirmation -eq 'y') { | |
try { | |
# Change Priority | |
$newPriority = $($higherThan.Priority) - 5 | |
$updateProfile = Invoke-RestMethod -Method Post -uri "https://$($orgName).identitynow.com/api/profile/update/$($targetProfile.id)" -Headers $headers -Body (@{"priority" = $newPriority} | convertto-json) | |
write-host -ForegroundColor Green "$($targetProfile.ProfileName) has been moved above $($higherThan.ProfileName) with a priority of $($updateProfile.priority)" | |
} | |
catch { | |
write-host -ForegroundColor Red "Something went wrong updating your profile. Check the priorities of your Identity Profiles" | |
} | |
} | |
else { | |
write-host "No changes made" | |
} | |
} | |
} | |
catch { | |
write-host -foregroundcolor yellow "Well, that didn't work. Are you referecing the correct Source and Org?" | |
} | |
} | |
else { | |
write-host -foregroundcolor yellow "Well, that didn't work. Check your credentials, update and try again." | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment