Adding Users to a SailPoint IdentityNow Role. Associated Blog Post can be found here https://blog.darrenjrobinson.com/managing-sailpoint-identitynow-roles-via-api-and-powershell/
# Basic Auth Header
# Remove Bearer Auth
$IDN.Headers.Remove("Authorization")
# Add in Basic Auth
$IDN.Headers.Add('Authorization', "Basic $($encodedAuth)")
# Query for Users to add
$query = "darren"
$RoleGroupMembers = Invoke-RestMethod -Method GET -Uri "$($SearchURI)limit=$($searchLimit)&query=$($query)" -WebSession $IDN
$RoleGroupMembers = $RoleGroupMembers | Sort-Object | Select-Object -Property name -Unique
$RoleGroupMembers.Count
# Add the users to a collection
$usersToAdd = @()
foreach ($user in $RoleGroupMembers) {
    $usersToAdd += $user.name
}
# Switch Headers back to JWT Bearer
$IDN.Headers.Remove("Authorization")
$IDN.Headers.Add('Authorization', "Bearer $($accessToken)")
#$roleGroupID = '2c91808466546d730166512345678909876' # Specify a Role Group to update
# Reuse the RoleGroupID from the Group we just created
$roleGroupID = $createRoleGroup.id
# IdentityList Format
$rolebodyraw = "{`"id`":`"$($roleGroupID)`",`"selector`":{`"aliasList`":[`"12345`",`"67890`"],`"type`":`"IDENTITY_LIST`"}}"
# Convert from JSON to PSObject
$rolebody = $rolebodyraw | ConvertFrom-Json
# Update Members to Add to Role
$rolebody.selector.aliasList = $usersToAdd
# Convert to JSON
$rolebody = $rolebody | ConvertTo-Json
# Update URI
$RoleUpdateURI = "https://$($orgName).api.identitynow.com/cc/api/role/update"
try {
    # Add Users to Role: post the JSON body built above ($rolebody)
    $RoleUpdate = Invoke-RestMethod -Uri $RoleUpdateURI -Method "POST" -Body $rolebody -WebSession $IDN
    Write-Host -ForegroundColor Green "Users successfully added to Role Group $($roleGroupID)"
} catch {
    # Surface the underlying error instead of discarding it
    Write-Host -ForegroundColor Red "Failed to update Role Group $($roleGroupID): $($_.Exception.Message)"
}