Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Change SailPoint IdentityNow Identity Profile Priority. Associated Blog Post https://blog.darrenjrobinson.com/changing-sailpoint-identitynow-identity-profiles-priorities-using-powershell/
# Your API Client ID
$clientID = 'yourClientID'
# Your API Client Secret
$clientSecret = 'yourClientSecret'
$Bytes = [System.Text.Encoding]::utf8.GetBytes("$($clientID):$($clientSecret)")
$encodedAuth = [Convert]::ToBase64String($Bytes)
# Your IdentityNow Tenant Name
$orgName = 'yourOrgName'
# IdentityNow Admin User and PWD to connect with
$adminUSR = [string]"yourAdminname".ToLower()
$adminPWDClear = 'yourAdminPassword'
# Encode creds from above. Requires the PSCX Module
$passwordHash = Get-Hash -Algorithm SHA256 -StringEncoding utf8 -InputObject ($($adminPWDClear) + (Get-Hash -Algorithm SHA256 -StringEncoding utf8 -InputObject ($adminUSR)).HashString.ToLower())
$adminPWD = $passwordHash.ToString().ToLower()
Clear-Host
# Base URI for Private API's (v1 APIs)
$baseURI = "https://$($orgName).identitynow.com"
# URI to get Token
$tokenURI = "https://$($orgName).identitynow.com/api/oauth/token?grant_type=password&username=$($adminUSR)&password=$($adminPWD)"
# Get Token
$token = Invoke-RestMethod -Method POST -Uri $tokenURI -Headers @{Authorization = "Basic $($encodedAuth)"}
if ($token) {
try {
# Get Identity Profiles List
$baseURI = "https://$($orgName).identitynow.com/api/profile/"
$headers = @{"Authorization" = "Bearer $($token.access_token)"; "Content-Type" = "application/json"}
$IdentityProfiles = Invoke-RestMethod -Method Get -uri "$($baseURI)list" -Headers $headers
$identityProfileOrderSelect = $IdentityProfiles | Select-Object -Property name, id, priority | Sort-Object -Property priority
$iProfiles = @()
[int]$order = 0
foreach ($profile in $identityProfileOrderSelect) {
# Identity Profile Chooser
$iProfileName = New-Object -TypeName PSObject
$iProfileName | Add-Member -Type NoteProperty -Name ProfileName -Value $profile.name
$iProfileName | Add-Member -Type NoteProperty -Name Priority -Value $profile.priority
$iProfileName | Add-Member -Type NoteProperty -Name ID -Value $profile.id
$iProfiles += $iProfileName
$order++
}
If ($iProfiles.Count -gt 1) {
$title = "Identity Profile Priority Changer"
$message = "Which Identity Profile are you wanting to change the priority of? Enter the Identity Profile name or accept the default."
# Build the choices menu
$choices = @()
For ([int]$index = 0; $index -lt $iProfiles.Count; $index++) {
$choices += New-Object System.Management.Automation.Host.ChoiceDescription $iProfiles[$index].ProfileName, ($iProfiles[$index]).Priority
}
Clear-Host
write-host "The current Identity Profiles Priorities are:"
Write-Output $iProfiles | out-host
# Identity Profile to move
$options = [System.Management.Automation.Host.ChoiceDescription[]]$choices
[int[]]$DefaultChoice = @($order - 1)
$result = $host.ui.PromptForChoice($title, $message, $options, $DefaultChoice )
$targetProfile = $iProfiles[$result]
# Location to move to
Clear-Host
$message = "Which Identity Profile do you want it to have a higher priority than (e.g move it above it)?"
$options = [System.Management.Automation.Host.ChoiceDescription[]]$choices
[int[]]$DefaultChoice = @(0)
$result = $host.ui.PromptForChoice($title, $message, $options, $DefaultChoice )
$higherThan = $iProfiles[$result]
write-host -ForegroundColor Yellow "$($targetProfile.ProfileName) will be moved above $($higherThan.ProfileName)"
$confirmation = Read-Host "Are you sure you want to change the priority of $($targetProfile.ProfileName)? Y / N"
if ($confirmation -eq 'y') {
try {
# Change Priority
$newPriority = $($higherThan.Priority) - 5
$updateProfile = Invoke-RestMethod -Method Post -uri "https://$($orgName).identitynow.com/api/profile/update/$($targetProfile.id)" -Headers $headers -Body (@{"priority" = $newPriority} | convertto-json)
write-host -ForegroundColor Green "$($targetProfile.ProfileName) has been moved above $($higherThan.ProfileName) with a priority of $($updateProfile.priority)"
}
catch {
write-host -ForegroundColor Red "Something went wrong updating your profile. Check the priorities of your Identity Profiles"
}
}
else {
write-host "No changes made"
}
}
}
catch {
write-host -foregroundcolor yellow "Well, that didn't work. Are you referecing the correct Source and Org?"
}
}
else {
write-host -foregroundcolor yellow "Well, that didn't work. Check your credentials, update and try again."
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.