Keywords
The Web Service
Used for configuring the provisioning operations such as create account and update account.
For example:
Context URL – /api/core/v3/people/$plan.nativeIdentity$
JSON Body example for plan:
{"new_members": [
{
"email": "$plan.email$",
"first_name": "$plan.first_name$",
"surname": "$plan.surname$",
"send_welcome_email": $plan.send_welcome_email$,
"role": {
".tag": "member_only"
}
}
]
}
Used for multiple endpoints, where the response from the first endpoint is provided as an input for the second endpoint.
For example, there are two endpoints for account aggregation.
-
The first endpoint returns a response as a list of
member_ids
that is an input for the second endpoint as mentioned in the next point. -
Second endpoint's JSON body is:
{"members_info":[{"member_id":"$response.member_id$"}]}
Used to get other configuration attributes from the current
For example:
"$application.<accesstoken>$",
where <accesstoken>
is
Used while performing Aggregate Account (get a single account details).
For example:
- JSON body:Copy
{"members": [
{
".tag": "member_id",
"member_id": "$getobject.nativeIdentity$"
}
]
} -
Context URL for get object:
/api/v4/admin/$getobject.nativeIdentity$
Indicates the AccountID (identity attribute) in the plan or during getobject
operation.
For example, nativeIdentity is used along with the keyword as follows:
-
getobject –
$getobject.nativeIdentity$
-
plan –
$plan.nativeIdentity$
Note
There may be instances where the `nativeIdentity` is present in the account request for account creation. In such cases, the `nativeIdentity` may occasionally reflect different values.
Represents the Plans nativeIdentity in the Provisioning plan.
For example, planNativeIdentity
is used along with the keyword as follows:
- plan –
$plan.planNativeIdentity$
Web Services can be configured with native identity from the provisioning plan using placeholder $plan.planNativeIdentity$
.
To provide the username and password in the endpoint configuration, use the following placeholders:
$authenticate.username$
$authenticate.password$
For more information on configuration for pass-through authentication, see Pass Through Authentication.
Note
SailPoint recommends using a placeholder in the body and url rather than adding sensitive information directly. For example
https://TESTMACHINE:9096/users/user/$application.accesstoken$
In the above table for examples of attributes that are mapped to a raw JSON response, it may contain formatted values as follows (similar to ".tag": "member_id"):
['.tag']
['@etag']
['@@test']
['complex.name']
['role name']
['role_name']