SailpointUserLookupValve
Warning
This valve is blocking - this may hurt throughput and cause performance issues since other pipes won't be able to execute while this valve is waiting on a long-running operation in the same instance of the pipes module, for example due to a network request, disk access or similar. Try to limit the usage of blocking valves, try to ensure that they are fast to execute, and if needed, consider deploying multiple instances of the pipes module.
Note
Valve to retrieve identity data from Sailpoint API based on a userID or an email address.
The valve will perform two callouts to the Sailpoint API; the first callout to retrieve an access_token from basic authentication username and password; the second callout to perform the actual user lookup (userID/email and access_token will be added to the request).
The valve will populate an existing item, or create a new item if none exists, with properties from the lookup.
Properties
| Name | Description | Default value | Mandatory | Supports property expansion |
|---|---|---|---|---|
| basic_auth_username | Basic authentication username | Yes | No | |
| basic_auth_password | Basic authentication password | Yes | No | |
| access_token_url | Sailpoint token retrieval endpoint. | Yes | No | |
| user_lookup_url | Sailpoint user information endpoint. | Yes | No | |
| user_lookup_url | Sailpoint user information endpoint. | Yes | No | |
| userid_parameter | The userID to be sent to Sailpoint. | Yes | Yes | |
| lookup_keys | Commaseparated list of keys from the response to be added as item properties. | globalADPrimaryId,xdsPrimaryId,firstname,lastname,subdepartment,managerId,GlobalIsDisabled,XDSIsDisabled,scaniaMobilePhone,email,externalEmailAddress,GlobalLastPwdSet,XDSLastPwdSet,IsCustomerSupport,scaniaITUserCategory | No | No |
| access_token_body | Body to be sent to the token retrieval endpoint | grant_type=client_credentials | No | No |
| trust_all_certs | Trust all https certificates | false | No | No |
| headers | List of headers to be added to the user lookup request | No | No | |
| http_socket_timeou | Socket timeout in seconds | 4 | No | No |
| http_connection_timeout | Connection timeout in seconds | 10 | No | No |
Example Configuration
{
"name": "SailpointUserLookupValve",
"config": {
"basic_auth_username": "phenixid",
"basic_auth_password": "{enc}r2Iz3iaL5WofbJMjV7PQ9G902Vh0xIB7YL9wM4MqYy4=",
"access_token_url": "http://demo7072834.mockable.io/sailpoint/token",
"user_lookup_url": "http://demo7072834.mockable.io/sailpoint/userLookup",
"userid_parameter": "{{request.username}}"
},
"created": "2021-02-16 15:49:41.953"
}
Requirements
Sailpoint URLs for token retrieval and user lookup.
Username and password for Sailpoint basic authentication.