Bulk Update SailPoint IdentityNow Entities Manager Attribute via API and PowerShell. Associated Blog Post https://blog.darrenjrobinson.com/lifecycle-management-of-identities-in-sailpoint-identitynow-via-api-and-powershell/
# Your API Client ID
$clientID = 'yourClientID'
# Your API Client Secret (placeholder; load the real value from a secret store rather than saving it in the script)
$clientSecret = 'yourClientSecret'
$Bytes = [System.Text.Encoding]::utf8.GetBytes("$($clientID):$($clientSecret)")
$encodedAuth = [Convert]::ToBase64String($Bytes)
# Your IdentityNow Tenant Name
$orgName = 'yourTenantOrgName'
$searchLimit = '1000'
# Source Name in IdentityNow that contains the Accounts that will be updated
$sourceName = "External Entities"
# Queries for all users in NSW to update with a Manager
$query = 'attributes.state:NSW'
# Search URI
$URI = "https://$($orgName).api.identitynow.com/v2/search/identities?"
# Update Accounts Base URI
$updateBaseURI = "https://$($orgName).api.identitynow.com/v2/accounts/"
# Search Accounts to update Mgr for
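# The query is URL-encoded so reserved characters survive the query string
$searchResults = Invoke-RestMethod -Method Get -Uri "$($URI)limit=$($searchLimit)&query=$([uri]::EscapeDataString($query))" -Headers @{Authorization = "Basic $($encodedAuth)" }
Write-Host "$($searchResults.Count) found"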
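# Mgr to find
$manager = "Rick Sanchez"
$queryManager = "attributes.displayName:" + '"' + "$($manager)" + '"'
# Search for Manager (the query is URL-encoded because it contains a space and quotes)
$mgrSearchResults = Invoke-RestMethod -Method Get -Uri "$($URI)limit=$($searchLimit)&query=$([uri]::EscapeDataString($queryManager))" -Headers @{Authorization = "Basic $($encodedAuth)" }
Write-Host "$($mgrSearchResults.Count) found"
# Reset so a value left over from an earlier run in the same session is never reused
$mgrId = $null
# Only proceed when exactly one identity matches the Manager's display name
if ($mgrSearchResults.Count -eq 1) {
    foreach ($identity in $mgrSearchResults) {
        Write-Host "Manager $($identity.displayName)"
        # Take the Manager's accountId from the account on the target Source
        foreach ($account in $identity.accounts) {
            if ($account.source.name.Equals($sourceName)) {
                $mgrId = $account.accountId
            }
        }
    }
}
else {
    Write-Host -ForegroundColor Yellow "Expected exactly one match for Manager '$manager'; no updates will be made"
}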
# Update Users with Manager
foreach ($identity in $searchResults) {
    Write-Host "Updating Manager for: $($identity.displayName)"
    $id = $null
    # Find the identity's account on the target Source
    foreach ($account in $identity.accounts) {
        if ($account.source.name.Equals($sourceName)) {
            $id = $account.id
        }
    }
    # Skip the update unless both the account and the Manager were resolved
    if ($id -and $mgrId) {
        $updateURI = "$updateBaseURI$($id)?org=$($orgName)"
        $body = @{
            "manager" = $mgrId
        }
        $body = $body | ConvertTo-Json
        try {
            Invoke-RestMethod -Uri $updateURI -Method Patch -Body $body -ContentType 'application/json' -Headers @{Authorization = "Basic $($encodedAuth)" }
        }
        catch {
            # Report the underlying error instead of discarding it
            Write-Host -ForegroundColor Yellow "Well, that didn't work. Check your script. $($_.Exception.Message)"
        }
    }
}