Last active
November 18, 2019 04:00
-
-
Save darrenjrobinson/75194bf09ae173416c22cf340449b862 to your computer and use it in GitHub Desktop.
SailPoint IdentityNow Identity Profiles Documenter. Associated Blog Post https://blog.darrenjrobinson.com/sailpoint-identitynow-identity-profiles-mapping-report/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Your API Client ID | |
$clientID = 'yourClientID' | |
# Your API Client Secret | |
$clientSecret = 'yourClientSecret' | |
$Bytes = [System.Text.Encoding]::utf8.GetBytes("$($clientID):$($clientSecret)") | |
$encodedAuth = [Convert]::ToBase64String($Bytes) | |
# Your IdentityNow Tenant Name | |
$orgName = 'yourOrgName' | |
# IdentityNow Admin User and PWD to connect with via oAuth | |
$adminUSR = [string]"yourAdminName".ToLower() | |
$adminPWDClear = 'yourAdminPassword' | |
# Encrypt creds from above. Requires the PSCX Module | |
$passwordHash = Get-Hash -Algorithm SHA256 -StringEncoding utf8 -InputObject ($($adminPWDClear) + (Get-Hash -Algorithm SHA256 -StringEncoding utf8 -InputObject ($adminUSR)).HashString.ToLower()) | |
$adminPWD = $passwordHash.ToString().ToLower() | |
# Base URI for Private API's (v1 APIs) | |
$baseURI = "https://$($orgName).identitynow.com" | |
# URI to get Token | |
$tokenURI = "https://$($orgName).identitynow.com/api/oauth/token?grant_type=password&username=$($adminUSR)&password=$($adminPWD)" | |
# Report Setup | |
$reportImagePath = "C:\PATH-TO-Image\SailPoint IdentityNow 240px.png" | |
$ImageData = [Convert]::ToBase64String((Get-Content $reportImagePath -Encoding Byte)) | |
$ImageFile = Get-Item $reportImagePath | |
$ImageType = $ImageFile.Extension.Substring(1) #strip off the leading . | |
$ImageTag = "<Img src='data:image/$ImageType;base64,$($ImageData)' Alt='$($ImageFile.Name)' width='240' height='82' hspace=10>" | |
$ReportOutputPath = "C:\PATH-TO-Reports\ConfigReports" | |
# Get Token | |
$token = Invoke-RestMethod -Method POST -Uri $tokenURI -Headers @{Authorization = "Basic $($encodedAuth)"} | |
if ($token) { | |
try { | |
# Get Identity Profiles List | |
$baseURI = "https://$($orgName).identitynow.com/api/profile/" | |
$headers = @{"Authorization" = "Bearer $($token.access_token)"; "Content-Type" = "application/json"} | |
$IdentityProfiles = Invoke-RestMethod -Method Get -uri "$($baseURI)list" -Headers $headers | |
$htmlFragments = $null | |
# Headings and Title | |
$top = @" | |
<center> | |
<h1>SailPoint IdentityNow Identity Profiles Report</h1> | |
<h2>Organisation - `'$($orgName.ToUpper())`'</h2> | |
<h3>`'$($IdentityProfiles.Count)`' Profiles found<h3> | |
<b><center>$ImageTag</center></b> | |
</center> | |
"@ | |
$htmlFragments += $top | |
foreach ($idnProfile in $IdentityProfiles) { | |
$profileDetails = @() | |
write-host -ForegroundColor Green "Identity Profile: $($idnProfile.name) Description: $($idnProfile.description)" | |
# Profile Title | |
$H3Text = "$($idnProfile.name)" | |
$div = $H3Text.Replace(" ", "_") | |
$htmlFragments += "<a href='javascript:toggleDiv(""$div"");' title='click to collapse or expand this section'><center><h3>$H3Text</h3></center></a><div id=""$div"" style=""display: none;"">" | |
# Get Identity Profile | |
$profile = Invoke-RestMethod -Method Get -Uri "$($baseURI)get/$($idnProfile.id)" -Headers @{"Authorization" = "Bearer $($token.access_token)"} | |
$ProfileTemplate = [pscustomobject][ordered]@{ | |
'Identity Attribute' = $null | |
Source = $null | |
'Source Attribute' = $null | |
} | |
foreach ($attr in $profile.attributeConfig.attributeTransforms.attributeName) { | |
$attributes = $profile.attributeConfig.attributeTransforms | Select-Object | Where-Object {$_.attributeName -eq $attr} | |
foreach ($mappingAttr in $attributes.attributes) { | |
write-host "$($mappingAttr.sourceName) $($mappingAttr.attributeName)" | |
$profileMapping = $ProfileTemplate.PsObject.Copy() | |
$profileMapping.'Identity Attribute' = $attr | |
$profileMapping.Source = $mappingAttr.sourceName | |
$profileMapping.'Source Attribute' = $mappingAttr.attributeName | |
} | |
$profileDetails += $profileMapping | |
} | |
# Profile Details | |
$H4Text = "$($idnProfile.name) Details" | |
$div = $H4Text.Replace(" ", "_") | |
$htmlFragments += "<a href='javascript:toggleDiv(""$div"");' title='click to collapse or expand this section'><center><h4>$H4Text</h4></center></a><div id=""$div"" style=""display: none;"">" | |
$htmlFragments += "<center>" | |
$htmlFragments += $profileDetails | ConvertTo-Html | |
$htmlFragments += "</center>" | |
$htmlFragments += "</div>" | |
$htmlFragments += "</div>" | |
} | |
# Footer | |
$htmlFragments += "<center><p class='footer'>Report Generated $(get-date)</p></center>" | |
# Header | |
$head = @" | |
<Title>SailPoint IdentityNow Identity Profiles Report - $($orgName.ToUpper())</Title> | |
<style> | |
body {background-color:#ffffff; font:70%/1.5em Lato,sans-serif; padding:10px } | |
td,th {padding-left:8px} | |
th {color:black; background-color:cornflowerblue;} | |
table {border-spacing:1px; border-collapse:collapse; background:#F7F6F6; border-radius:6px; overflow:hidden; max-width:480px; width:70%; margin:0 auto; position:relative;} | |
table, tr, td, th {padding: 10px; margin: 0px ;white-space:pre; word-break:break-all; width:70%;} | |
tr:nth-child(even) {background-color:#dae5f4;} | |
tr:nth-child(odd) {background:#b8d1f3;} | |
thead tr {height:60px;background:#367AB1;color:#F5F6FA;font-size:1.2em;font-weight:700;text-transform:uppercase} | |
tbody tr {height:35px;border-bottom:1px solid #367AB1; word-break:break-all; text-transform:capitalize; font-size:1em;} | |
h1 {font-family:Tahoma;color:#A9A9A9;} | |
h2 {font-family:Tahoma;color:#6D7B8D;} | |
h3 {font-family:Tahoma;color:#6D7B8D;} | |
.alert {color: red;} | |
.footer {color:green; margin-left:10px; font-family:Tahoma; font-size:8pt; font-style:italic;} | |
.transparent {background-color:#ffffff;} | |
</style> | |
<script type='text/javascript' src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js'> | |
</script> | |
<script type='text/javascript'> | |
function toggleDiv(divId) { | |
`$("#"+divId).toggle(); | |
} | |
function toggleAll() { | |
var divs = document.getElementsByTagName('div'); | |
for (var i = 0; i < divs.length; i++) { | |
var div = divs[i]; | |
`$("#"+div.id).toggle(); | |
} | |
} | |
</script> | |
"@ | |
# Output the Report | |
$convertParams = @{ | |
head = $head | |
body = $htmlFragments | |
} | |
convertto-html @convertParams | out-file -FilePath "$($ReportOutputPath)\$($orgName)-IdentityProfileReport-$(get-date -format "dd-MMM-yyyy HH-mm").html" | |
} | |
catch { | |
write-host -foregroundcolor yellow "Well, that didn't work. Are you referecing the correct Source and Org?" | |
} | |
} | |
else { | |
write-host -foregroundcolor yellow "Well, that didn't work. Check your credentials, update and try again." | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment