Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
List an IdentityNow Org Configuration. Update Global Escalation Configuration. Associated blogpost https://blog.darrenjrobinson.com/get-update-sailpoint-identitynow-global-reminders-and-escalation-policies/
# IdentityNow Orgname
$orgName = "yourOrgname"
# IdentityNow Admin User
$adminUSR = [string]"yourOrgAdminID".ToLower()
$adminPWDClear = 'yourOrgAdminPasswrd'
# Generate the password hash
# Requires Get-Hash from PowerShell Community Extensions (PSCX) Module
# https://www.powershellgallery.com/packages/Pscx/3.2.2
$passwordHash = Get-Hash -Algorithm SHA256 -StringEncoding utf8 -InputObject ($($adminPWDClear) + (Get-Hash -Algorithm SHA256 -StringEncoding utf8 -InputObject ($adminUSR)).HashString.ToLower())
$adminPWD = $passwordHash.ToString().ToLower()
$adminPWD
# Your Org v3 Client ID and Secret
$clientIDv3 = "your IDN v3 Client ID"
$clientSecretv3 = "your IDN v3 Client Secret"
# Basic Auth
$Bytesv3 = [System.Text.Encoding]::utf8.GetBytes("$($clientIDv3):$($clientSecretv3)")
$encodedAuthv3 = [Convert]::ToBase64String($Bytesv3)
$Headersv3 = @{Authorization = "Basic $($encodedAuthv3)"}
# Get v3 oAuth Token
# oAuth URI
$oAuthURI = "https://$($orgName).api.identitynow.com/oauth/token"
# v3 Token
$v3Token = Invoke-RestMethod -Method Post -Uri "$($oAuthURI)?grant_type=password&username=$($adminUSR)&password=$($adminPWD)" -Headers $Headersv3 -SessionVariable IDNv3
$v3Token
# Org API URI
$orgBaseURI = "https://$($orgName).identitynow.com/api/v2/org"
# Get Org Config
$listOrgConfig = Invoke-RestMethod -Method GET -Uri $orgBaseURI -Headers @{Authorization = "$($v3Token.token_type) $($v3Token.access_token)"}
$approvalConfig = $listOrgConfig.approvalConfig
# global reminders and escalation policies for access request approvals
$daysBetweenReminders = 3
$daysTillEscalation = 5
$maxReminders = 10
# SailPoint user name of the identity
$fallbackApprover = "darren.robinson"
# Set Config options to update
$approvalConfig.daysBetweenReminders = $daysBetweenReminders
$approvalConfig.daysTillEscalation = $daysTillEscalation
$approvalConfig.maxReminders = $maxReminders
$approvalConfig.fallbackApprover = $fallbackApprover
$approvalConfigBody = @{"approvalConfig" = $approvalConfig}
# Update IdentityNow with new global reminders and escalation policies config
$updateOrgConfig = Invoke-RestMethod -Method Patch -Uri $orgBaseURI -Headers @{Authorization = "$($v3Token.token_type) $($v3Token.access_token)"; 'Content-Type' = 'application/json'} -Body ($approvalConfigBody | convertto-json)
# Output Config
$updateOrgConfig
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.