Skip to main content

IdentityIQ Plugin APIs

The IdentityIQ(IIQ) plugin talks to the IdentityIQ IGA service. Once an IIQ plugin is used to define an actor, the actor object is available with the following APIs

GetSchema()

The API returns the schema for the IIQ service. The function does not accept any parameters.

Example

let schema = actor.GetSchema();

GetIdentity(id)

The API returns the SCIM representation of an identity given the id of the identity.

NameTypeDescription
idStringThe GUID of the identity.

Example

let identity = actor.GetIdentity("ac1700048a0215b3818a033eeef800ee");

GetIdentityRolesAndEntitlements(id)

The API returns the roles and entitlements of an identity given the id of the identity.

NameTypeDescription
idStringThe GUID of the identity.

Example

let userRoles = actor.GetIdentityRolesAndEntitlements("ac1700048a0215b3818a033eeef800ee");

UpdateIdentity(id, attributes)

The API updates the given identity represented by id with the set of attributes given by attributes.

NameTypeDescription
idStringThe GUID of the identity.
attributesObjectKey-value object representing the attributes to be updated.

Example

let activateAssociate = {
  "urn:ietf:params:scim:schemas:sailpoint:1.0:User": {
    employeeStatus: "A",
    employeeStatusDescr: "Active",
  },
};
let updatedIdentity = actor.UpdateIdentity("ac1700048a0215b3818a033eeef800ee", activateAssociate);

UpdateIdentityWithBP(id, attributesList)

The API updates the given identity represented by id with the set of attributes given by attributesList using the default Edit identity Workflow. This API becomes handy when certain events are only triggered on attribute change when modified through the default edit identity form.

NameTypeDescription
idStringThe GUID of the identity.
attributesListObjectKey-value object representing the attributes to be updated.

Example

const activateAssociate = [
  {
    name: "employeeStatus",
    value: "A",
  },
  {
    name: "employeeStatusDescr",
    value: "Active",
  },
];
let ret = actor.UpdateIdentityWithBP(id, activateAssociate);

DeleteIdentity(id)

The API deletes the identity in IIQ represented by the id.

NameTypeDescription
idStringThe GUID of the identity.

Example

let ret = actor.DeleteIdentity(id);

StartTask(taskName, serverName, taskArguments)

The API starts a task in IdentityIQ.

NameTypeDescription
taskNameStringThe name of the task to start in IdentityIQ.
serverNameStringThe DNS name of the server where the task should be started. For the current server, pass an empty string.
taskArgumentsObjectThe set of arguments to be passed to the task being started.

Example

let task = actor.StartTask("Refresh Identity Cube", "", {
  filter: `id == "${id}"`,
});

GetTaskStatus(taskIdentifier)

The API returns the current status of an instance of a task.

NameTypeDescription
taskIdentifierStringThe id of the task instance

Example

let status = actor.GetTaskStatus("ac1700048a0215b3818a03df31d40206");

SearchIdentities(returnedAttrs, filter)

The API helps search for identities given a filter and returns the attributes requested through returnedAttrs.

NameTypeDescription
returnedAttrsStringComma separated list of attribute names to be returned.
filterStringThe filter to be used as search criteria in the search.

Example

const filter = `(${namingAttr} == "${namingAttrValue}")`;
const returnedAttributes = "id";
let result = actor.SearchIdentities(returnedAttributes, filter);

SetTimeMachine(numberOfDays, serverName)

The API sets the time machine on IIQ server serverName to numberOfDays in the future.

NameTypeDescription
numberOfDaysNumberThe number of days to be advanced with the time machine.
serverNameStringThe DNS name of the server where the time machine should be advanced.

Example

let msg = actor.SetTimeMachine(15, "srv2.corp.bazc.com");

ResetTimeMachine()

The API reset the time machine in the IIQ server. The API doesn't accept any parameters.

Example

actor.ResetTimeMachine();