Last active
June 5, 2019 22:43
-
-
Save darrenjrobinson/cf4fea7f5c4514fc907336f719fb67a5 to your computer and use it in GitHub Desktop.
List an IdentityNow Org Configuration. Update Global Escalation Configuration. Associated blogpost https://blog.darrenjrobinson.com/get-update-sailpoint-identitynow-global-reminders-and-escalation-policies/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # IdentityNow Orgname | |
| $orgName = "yourOrgname" | |
| # IdentityNow Admin User | |
| $adminUSR = [string]"yourOrgAdminID".ToLower() | |
| $adminPWDClear = 'yourOrgAdminPasswrd' | |
| # Generate the password hash | |
| # Requires Get-Hash from PowerShell Community Extensions (PSCX) Module | |
| # https://www.powershellgallery.com/packages/Pscx/3.2.2 | |
| $passwordHash = Get-Hash -Algorithm SHA256 -StringEncoding utf8 -InputObject ($($adminPWDClear) + (Get-Hash -Algorithm SHA256 -StringEncoding utf8 -InputObject ($adminUSR)).HashString.ToLower()) | |
| $adminPWD = $passwordHash.ToString().ToLower() | |
| $adminPWD | |
| # Your Org v3 Client ID and Secret | |
| $clientIDv3 = "your IDN v3 Client ID" | |
| $clientSecretv3 = "your IDN v3 Client Secret" | |
| # Basic Auth | |
| $Bytesv3 = [System.Text.Encoding]::utf8.GetBytes("$($clientIDv3):$($clientSecretv3)") | |
| $encodedAuthv3 = [Convert]::ToBase64String($Bytesv3) | |
| $Headersv3 = @{Authorization = "Basic $($encodedAuthv3)"} | |
| # Get v3 oAuth Token | |
| # oAuth URI | |
| $oAuthURI = "https://$($orgName).api.identitynow.com/oauth/token" | |
| # v3 Token | |
| $v3Token = Invoke-RestMethod -Method Post -Uri "$($oAuthURI)?grant_type=password&username=$($adminUSR)&password=$($adminPWD)" -Headers $Headersv3 -SessionVariable IDNv3 | |
| $v3Token | |
| # Org API URI | |
| $orgBaseURI = "https://$($orgName).identitynow.com/api/v2/org" | |
| # Get Org Config | |
| $listOrgConfig = Invoke-RestMethod -Method GET -Uri $orgBaseURI -Headers @{Authorization = "$($v3Token.token_type) $($v3Token.access_token)"} | |
| $approvalConfig = $listOrgConfig.approvalConfig | |
| # global reminders and escalation policies for access request approvals | |
| $daysBetweenReminders = 3 | |
| $daysTillEscalation = 5 | |
| $maxReminders = 10 | |
| # SailPoint user name of the identity | |
| $fallbackApprover = "darren.robinson" | |
| # Set Config options to update | |
| $approvalConfig.daysBetweenReminders = $daysBetweenReminders | |
| $approvalConfig.daysTillEscalation = $daysTillEscalation | |
| $approvalConfig.maxReminders = $maxReminders | |
| $approvalConfig.fallbackApprover = $fallbackApprover | |
| $approvalConfigBody = @{"approvalConfig" = $approvalConfig} | |
| # Update IdentityNow with new global reminders and escalation policies config | |
| $updateOrgConfig = Invoke-RestMethod -Method Patch -Uri $orgBaseURI -Headers @{Authorization = "$($v3Token.token_type) $($v3Token.access_token)"; 'Content-Type' = 'application/json'} -Body ($approvalConfigBody | convertto-json) | |
| # Output Config | |
| $updateOrgConfig | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment