Last active
October 30, 2018 05:42
Adding Users to a SailPoint IdentityNow Role. Associated Blog Post can be found here https://blog.darrenjrobinson.com/managing-sailpoint-identitynow-roles-via-api-and-powershell/
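# Adds the identities returned by a search to a SailPoint IdentityNow role
# (IDENTITY_LIST selector) through the cc/api/role/update endpoint.
# Expects these to be set earlier in the session: $IDN (web session),
# $encodedAuth, $accessToken, $SearchURI, $searchLimit, $orgName and
# $createRoleGroup.

# Basic Auth Header
# The search call below is made with Basic auth, so the Bearer header on the
# shared web session is swapped out for the duration of that one request.
$IDN.Headers.Remove("Authorization")
$IDN.Headers.Add('Authorization', "Basic $($encodedAuth)")

# Query for Users to add
# NOTE(review): role membership grants access and this is a free-text search
# capped at $searchLimit, so the result can be wider or narrower than intended.
# Review the matched names before running the update further down.
$query = "darren"
# Clear any result left over from an earlier run so a failed search cannot
# cause a stale list to be added to the role.
$RoleGroupMembers = $null
try {
    # Escape the query so characters such as '&' or '#' cannot alter the URL.
    $encodedQuery = [System.Uri]::EscapeDataString($query)
    $RoleGroupMembers = Invoke-RestMethod -Method GET -Uri "$($SearchURI)limit=$($searchLimit)&query=$encodedQuery" -WebSession $IDN
}
finally {
    # Switch Headers back to JWT Bearer, even if the search failed, so the
    # Basic credential does not stay attached to later requests on $IDN.
    $IDN.Headers.Remove("Authorization")
    $IDN.Headers.Add('Authorization', "Bearer $($accessToken)")
}

$RoleGroupMembers = $RoleGroupMembers | Sort-Object | Select-Object -Property name -Unique
$RoleGroupMembers.Count

# Add the users to a collection (stays an empty array when nothing matched)
$usersToAdd = @(foreach ($user in $RoleGroupMembers) { $user.name })

#$roleGroupID = '2c91808466546d730166512345678909876' # Specify a Role Group to update
# Reuse the RoleGroupID from the Group we just created
$roleGroupID = $createRoleGroup.id

# Update URI
$RoleUpdateURI = "https://$($orgName).api.identitynow.com/cc/api/role/update"

if (-not $roleGroupID) {
    Write-Warning "No role group ID available; skipping role update."
}
elseif ($usersToAdd.Count -eq 0) {
    # NOTE(review): the effect of posting an empty aliasList is not visible
    # here (it may clear the role's membership), so the update is skipped.
    Write-Warning "Search for '$query' returned no identities; skipping role update."
}
else {
    # IdentityList Format
    # Built as an object and serialised, rather than interpolated into a JSON
    # string, so values containing quotes cannot break or alter the document.
    $rolebody = [ordered]@{
        id       = $roleGroupID
        selector = [ordered]@{
            aliasList = $usersToAdd
            type      = 'IDENTITY_LIST'
        }
    } | ConvertTo-Json

    try {
        # Add Users to Role
        # Fix: send the body built above. The original passed $RoleCriteria,
        # which this script never defines, so $rolebody was never sent.
        # NOTE(review): no -ContentType is passed; confirm the $IDN session or
        # the endpoint already treats the body as JSON.
        $RoleUpdate = Invoke-RestMethod -Uri $RoleUpdateURI -Method "POST" -Body $rolebody -WebSession $IDN
        # NOTE(review): $supplier is not defined in this script and the wording
        # refers to role criteria; the message text is kept as the author wrote it.
        Write-Host -ForegroundColor Green "Role Criteria Successfully added to $($supplier.Supplier)"
    } catch {
        Write-Host -ForegroundColor Red "Failed to update Role Group with Criteria for Supplier $($supplier.Supplier)"
        # Surface the underlying error instead of discarding it.
        Write-Host -ForegroundColor Red $_.Exception.Message
    }
}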