Keywords

The Web Service source supports the following keywords for various configuration attributes such as Authentication URL, Headers, Body (JSON and Form-data) for a single or multiple endpoints:

Used for configuring the provisioning operations such as create account and update account.

For example:

Authentication URL/api/core/v3/people/$plan.nativeIdentity$

JSON Body example for plan:

Copy 
{"new_members": [
   {
  "email": "$plan.email$",
  "first_name": "$plan.first_name$",
  "surname": "$plan.surname$",
  "send_welcome_email": $plan.send_welcome_email$,
  "role": {
   ".tag": "member_only"
  }
}
]
}

Used for multiple endpoints, where the response from the first endpoint is provided as an input for the second endpoint.

For example, there are two endpoints for account aggregation.

  • The first endpoint returns a response as a list of member_ids that is an input for the second endpoint as mentioned in the next point.

  • Second endpoint's JSON body is: {"members_info":[{"member_id":"$response.member_id$"}]}

Used to get other configuration attributes from the current source.

For example:

"$application.<accesstoken>$",

where <accesstoken> is a source configuration attribute.

Used while performing Aggregate Account (get a single account details).

For example:

  • JSON body:
    Copy
    {"members": [
       {
      ".tag": "member_id",
      "member_id": "$getobject.nativeIdentity$"
    }
    ]
    }

  • Authentication URL for get object:

    /api/v4/admin/$getobject.nativeIdentity$

Indicates the AccountID (identity attribute) in the plan or during getobject operation.

For example, nativeIdentity is used along with the keyword as follows:

  • getobject$getobject.nativeIdentity$

  • plan$plan.nativeIdentity$

Note
There may be instances where the `nativeIdentity` is present in the account request for account creation. In such cases, the `nativeIdentity` may occasionally reflect different values.

Represents the Plans nativeIdentity in the Provisioning plan.

For example, planNativeIdentity is used along with the keyword as follows:

  • plan$plan.planNativeIdentity$

Web Services can be configured with native identity from the provisioning plan using placeholder $plan.planNativeIdentity$.

Note
There is a possibility that the nativeIdentity may be present in the account creation request. It may sometimes correspond to different values.

To provide the username and password in the endpoint configuration, use the following placeholders:

$authenticate.username$

$authenticate.password$

For more information on configuration for pass-through authentication, see Pass Through Authentication.

Note

SailPoint recommends using a placeholder in the body and url rather than adding sensitive information directly. For example

https://TESTMACHINE:9096/users/user/$application.accesstoken$

In the above table for examples of attributes that are mapped to a raw JSON response, it may contain formatted values as follows (similar to ".tag": "member_id"):

Copy 
['.tag']
['@etag']
['@@test']
['complex.name']
['role name']
['role_name']