SailPoint IIQ - ForgeRock - FAQ

// Get Oauth-2 client id and secret key base 64 encoded value  import sailpoint.service.oauth.OAuthClientDTO; import sailpoint.service.oauth.OAuthClientService; import java.util.Base64; import java.util.List; public String getTokenValue(SailPointContext context, String clientName) { OAuthClientService oAuthClientService = new OAuthClientService(context); List<OAuthClientDTO> OAuthClientDTOList = oAuthClientService.getClientDTOs(); log.info("OAuthClientDTOList - " + OAuthClientDTOList); String base64TokenKey = ""; if(null != OAuthClientDTOList) { for(OAuthClientDTO obj : OAuthClientDTOList) { if(clientName.equalsIgnoreCase(obj.getName())) { log.info("dto.getClientId() - " + obj.getClientId()); log.info("dto.getSecret() - " + obj.getSecret()); base64TokenKey = "Basic " + Base64.getEncoder().encodeToString((obj.getClientId() + ":" + obj.getSecret()).getBytes()); log.info("base64Toke...

Java Classes - REST Resources The plugin framework relies heavily on REST web services integration for the majority of CRUD (create, read, update, and delete) operations. To create a custom REST resource, there are a couple requirements. This guide will cover those requirements. Extend BasePluginResource The first step to creating a custom REST resource is to use the BasePluginResource class as the base class for all resources. It provides access to utility methods for accessing plugin settings, getting database connections and more. getConnection - Gets connection to the datasource specified in the iiq.properties file for the plugins getPluginName - This method should be overriden to return the plugin's correct name. getSettingBool - Gets value of boolean plugin setting for plugin name returned by getPluginName(). getSettingInt - Gets value of int plugin setting for plugin name returned by getPluginName(). getSettingString - Gets value of String plugin setting for plugin name retu...

How to properly process many IdentityIQ objects in a run rule task Sometimes, all you need is to update many objects in IIQ, for example, you want to change some attribute, let's say, hundreds of thousands of them. Because IIQ uses hibernate, you can't just bring all objects into memory at once, or if you do, you can't let them stay in the object cache. So this code snippet shows how to properly split this task into smaller transaction chunks.  Please notice that the debug's "run rule" feature is subject to the UI timeout for a synchronous request.  So in order to run a long-running task, create a "Run Rule"  task and execute it in background. import sailpoint.api.SailPointContext; import sailpoint.api.SailPointFactory; import sailpoint.object.Identity; import sailpoint.object.QueryOptions; import sailpoint.spring.SpringStarter; import sailpoint.tools.GeneralException; import java.util.Iterator; public class IdentityCreationBulk {     private static ...