Add the Roles Support to Existing Sources

If you have an existing source you've updated to support role management, you need to manually add the Roles schema and update the Accounts schema. Sources created following the update include the Roles schema and the updated Account schema by default.

To add roles management support to an existing source:

Use the createSchema API to create a new Group Schema for your source. This new schema will become the Roles schema. For more information, refer to Create Schema on a Source.

Use the following request:

Copy

"nativeObjectType": "roles",
    "identityAttribute": "id",
    "name": "roles",
    "displayAttribute": "display",
    "hierarchyAttribute": null,
    "includePermissions": false,
    "features": [
        "PROVISIONING"
    ],
    "configuration": {},
    "attributes": [
        {
            "name": "id",
            "type": "STRING",
            "schema": null,
            "description": "Unique identifier for the Role",
            "isMulti": false,
            "isEntitlement": false,
            "isGroup": false
        },
        {
            "name": "display",
            "type": "STRING",
            "schema": null,
            "description": "Displayable Name of the Role",
            "isMulti": false,
            "isEntitlement": false,
            "isGroup": false
        },
        {
            "name": "value",
            "type": "STRING",
            "schema": null,
            "description": "The value of a Role",
            "isMulti": false,
            "isEntitlement": false,
            "isGroup": false
        },
        {
            "name": "meta.created",
            "type": "STRING",
            "schema": null,
            "description": "Resource creation date and time",
            "isMulti": false,
            "isEntitlement": false,
            "isGroup": false
        },
        {
            "name": "meta.lastModified",
            "type": "STRING",
            "schema": null,
            "description": "Last modified date and time",
            "isMulti": false,
            "isEntitlement": false,
            "isGroup": false
        },
        {
            "name": "meta.location",
            "type": "STRING",
            "schema": null,
            "description": "URL to access SCIM resource",
            "isMulti": false,
            "isEntitlement": false,
            "isGroup": false
        }
    ]
}

Update the Account schema with the new Roles schema.
1. Get the Account schema using the getSchema API. For more information, refer to Get Source Schema by ID.
2. Copy the schema to a file and add the following JSON to the new schema to add roles to the Account schema.
  
  Replace the placeholder id value in the following example payload with the id value from the new schema.
  Copy
```
{
    "name": "roles",
    "type": "STRING",
    "schema": {
        "type": "CONNECTOR_SCHEMA",
        "id": "<id_value_from_Roles_schema>",
        "name": "roles"
    },
    "description": "A list of roles assigned to the user",
    "isMulti": true,
    "isEntitlement": true,
    "isGroup": true
}
```
3. Use the JSON you created as the payload to update the Account schema in the source using the replaceSchema API. For more information, refer to Update Source Schema (Full).

Feedback is provided as an informational resource only and does not form part of SailPoint's official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.


	You are here:

Add the Roles Support to Existing Sources

Documentation Feedback