Symantec IGA

Can anyone have any examples of sample SOAP request for deltaBPRService of Identity Governance ?

We want to validate role changes done by idm to be checked for compliance violation against IG implemented BPRs using policy express web service.

A sample soap request would be very helpful.

This use case seems to line up with the OOTB "Smart Provisioning" use cases.  What is it you are trying to accomplish that the OOTB functionality doesn't cover?

Hi Ricky,

We have some requirements where we want to trigger certifications based on user profile updates etc.

For example,

Lets say a user is moved from one department to new department then along with role changes we want to trigger a certification to the manager of the user to certify the requested self service access entitlements of the user. So we want to trigger any certification using idm policy express or blth.

Regards,

Mainak

It might be best to open a case so we can open an engineer ticket open to provide a sample on this.

Hi Yuan,

I raised a CA case and got the response that they dont have any sample soap request for governance services and asked me to check in communities.

Hi Mainak,

Since engineering does not have an example and we cannot get one from the community, please see if you can engage CA Services to help you out here.

Try something like the following:

<soapenv:Envelope xmlns:cam="http://campaign.dto.eurekify.com" xmlns:dto="http://dto.eurekify.com" xmlns:ns1="http://services.eurekify.com" xmlns:ser="http://services.eurekify.com" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Header><wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken-0215035FEAD5F51228149685347493655"><wsse:Username>AD1\EAdmin</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">/3YvwKuF7um5cVZW2k=</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">wZ89Iq5p9f6Wg==</wsse:Nonce><wsu:Created>2017-06-07T16:37:54.936Z</wsu:Created></wsse:UsernameToken></wsse:Security></soapenv:Header>
<soapenv:Body>
<ser:createCampaign>
<ser:in0>
<name xmlns="http://campaign.dto.eurekify.com">BU {'Primary BU Vendor Number'} {'Current Year'}-{'Current Month'}-{'Current Day'} {'Current Time'}</name>
<entityGFilter xmlns="http://campaign.dto.eurekify.com">(Organization={'Primary BU Vendor Number'})</entityGFilter>
<auditCard xsi:nil="true" xmlns="http://campaign.dto.eurekify.com"/>
<auditCardFilter xmlns="http://campaign.dto.eurekify.com">NONE</auditCardFilter>
<autoStartDate xmlns="http://campaign.dto.eurekify.com">2017-06-01T13:14:52-04:00</autoStartDate>
<creationDate xmlns="http://campaign.dto.eurekify.com">2017-06-01T13:14:52-04:00</creationDate>

<campaignTaskTypes xmlns="http://campaign.dto.eurekify.com">
<ns1:string>DUAL_USER_ROLE_LINK_APPROVAL</ns1:string>
<ns1:string>DIRECT_USER_ROLE_LINK_APPROVAL</ns1:string>
<ns1:string>DUAL_USER_RESOURCE_LINK_APPROVAL</ns1:string>
<ns1:string>DIRECT_USER_RESOURCE_LINK_APPROVAL</ns1:string>
</campaignTaskTypes>

<defaultManager xmlns="http://campaign.dto.eurekify.com">AD1\EAdmin</defaultManager>
<description xmlns="http://campaign.dto.eurekify.com">User Cert via API</description>
<document xmlns="http://campaign.dto.eurekify.com">{'GM Universe'}_model</document>
<duration xmlns="http://campaign.dto.eurekify.com">604800000</duration>


<enforceRejectionComment xmlns="http://campaign.dto.eurekify.com">false</enforceRejectionComment>
<enforceViolationsComment xmlns="http://campaign.dto.eurekify.com">false</enforceViolationsComment>
<entityGFilter xsi:nil="true" xmlns="http://campaign.dto.eurekify.com"/>
<executionOnModel xmlns="http://campaign.dto.eurekify.com">true</executionOnModel>
<generateAuditCard xmlns="http://campaign.dto.eurekify.com">false</generateAuditCard>

<includeDeltaTasks xmlns="http://campaign.dto.eurekify.com">true</includeDeltaTasks>
<membersList xmlns="http://campaign.dto.eurekify.com">-1</membersList>

<owner xmlns="http://campaign.dto.eurekify.com">AD1\EAdmin</owner>
<processMapping xmlns="http://campaign.dto.eurekify.com">-1</processMapping>
<processProperties xmlns="http://campaign.dto.eurekify.com">
<ns3:Property xmlns:ns3="http://dto.eurekify.com">
<name xmlns="http://dto.eurekify.com">flow.memberListForCertify</name>
<value xsi:nil="true" xmlns="http://dto.eurekify.com"/>
</ns3:Property>
<ns3:Property xmlns:ns3="http://dto.eurekify.com">
<name xmlns="http://dto.eurekify.com">flow.defaultManager</name>
<value xmlns="http://dto.eurekify.com">AD1\EAdmin</value>
</ns3:Property>
<ns3:Property xmlns:ns3="http://dto.eurekify.com">
<name xmlns="http://dto.eurekify.com">flow.certification.accountableType</name>
<value xmlns="http://dto.eurekify.com">Accountable</value>
</ns3:Property>
<ns3:Property xmlns:ns3="http://dto.eurekify.com">
<name xmlns="http://dto.eurekify.com">flow.isAggregated</name>
<value xmlns="http://dto.eurekify.com">false</value>
</ns3:Property>
<ns3:Property xmlns:ns3="http://dto.eurekify.com">
<name xmlns="http://dto.eurekify.com">flow.affectedConfiguration</name>
<value xsi:nil="true" xmlns="http://dto.eurekify.com"/>
</ns3:Property>
<ns3:Property xmlns:ns3="http://dto.eurekify.com">
<name xmlns="http://dto.eurekify.com">flow.requestChangeApproval.boolean</name>
<value xmlns="http://dto.eurekify.com">false</value>
</ns3:Property>
</processProperties>
<properties xmlns="http://campaign.dto.eurekify.com">
<ns3:Property xmlns:ns3="http://dto.eurekify.com">
<name xmlns="http://dto.eurekify.com">campaign.links</name>
<value xmlns="http://dto.eurekify.com">2,0,3,5</value>
</ns3:Property>
<ns3:Property xmlns:ns3="http://dto.eurekify.com">
<name xmlns="http://dto.eurekify.com">certification.template.configurationSelection</name>
<value xmlns="http://dto.eurekify.com">certification.template.selectModelConfiguration</value>
</ns3:Property>
<ns3:Property xmlns:ns3="http://dto.eurekify.com">
<name xmlns="http://dto.eurekify.com">factory.default.campaign.template</name>
<value xmlns="http://dto.eurekify.com">USER_CERTIFICATION</value>
</ns3:Property>
<ns3:Property xmlns:ns3="http://dto.eurekify.com">
<name xmlns="http://dto.eurekify.com">campaign.recertification.calculateDelta</name>
<value xmlns="http://dto.eurekify.com">true</value>
</ns3:Property>
<ns3:Property xmlns:ns3="http://dto.eurekify.com">
<name xmlns="http://dto.eurekify.com">campaign.typeOption</name>
<value xmlns="http://dto.eurekify.com">0</value>
</ns3:Property>
<ns3:Property xmlns:ns3="http://dto.eurekify.com">
<name xmlns="http://dto.eurekify.com">certification.template.allowRecurrence</name>
<value xmlns="http://dto.eurekify.com">false</value>
</ns3:Property>
<ns3:Property xmlns:ns3="http://dto.eurekify.com">
<name xmlns="http://dto.eurekify.com">campaign.recertification.states</name>
<value xmlns="http://dto.eurekify.com">0,0:1,1:2,2</value>
</ns3:Property>
<ns3:Property xmlns:ns3="http://dto.eurekify.com">
<name xmlns="http://dto.eurekify.com">general.allowSelectAll</name>
<value xmlns="http://dto.eurekify.com">true</value>
</ns3:Property>
</properties>
<reCertificationCampaignReference xmlns="http://campaign.dto.eurekify.com">-1</reCertificationCampaignReference>
<reassignTaskAggEmailTemplate xmlns="http://campaign.dto.eurekify.com">0</reassignTaskAggEmailTemplate>
<reassignTaskEmailTemplate xmlns="http://campaign.dto.eurekify.com">0</reassignTaskEmailTemplate>
<reassignTaskEmailTemplateEnable xmlns="http://campaign.dto.eurekify.com">false</reassignTaskEmailTemplateEnable>
<recertType xsi:nil="true" xmlns="http://campaign.dto.eurekify.com"/>
<recertificationStates xmlns="http://campaign.dto.eurekify.com">
<ns3:Property xmlns:ns3="http://dto.eurekify.com">
<name xmlns="http://dto.eurekify.com">APPROVED</name>
<value xmlns="http://dto.eurekify.com">APPROVED</value>
</ns3:Property>
<ns3:Property xmlns:ns3="http://dto.eurekify.com">
<name xmlns="http://dto.eurekify.com">PENDING</name>
<value xmlns="http://dto.eurekify.com">PENDING</value>
</ns3:Property>
<ns3:Property xmlns:ns3="http://dto.eurekify.com">
<name xmlns="http://dto.eurekify.com">REJECTED</name>
<value xmlns="http://dto.eurekify.com">REJECTED</value>
</ns3:Property>
</recertificationStates>
<removeRoleResourceProcessName xsi:nil="true" xmlns="http://campaign.dto.eurekify.com"/>
<removeRoleRoleProcess xsi:nil="true" xmlns="http://campaign.dto.eurekify.com"/>
<removeUserResourceProcessName xsi:nil="true" xmlns="http://campaign.dto.eurekify.com"/>
<removeUserRoleProcessName xsi:nil="true" xmlns="http://campaign.dto.eurekify.com"/>
<secondEntityGFilter xmlns="http://campaign.dto.eurekify.com"/>
<selfAttestation xmlns="http://campaign.dto.eurekify.com">false</selfAttestation>
<startCampaignAggEmailTemplate xmlns="http://campaign.dto.eurekify.com">0</startCampaignAggEmailTemplate>
<startCampaignEmailTemplate xmlns="http://campaign.dto.eurekify.com">0</startCampaignEmailTemplate>
<startCampaignEmailTemplateEnable xmlns="http://campaign.dto.eurekify.com">false</startCampaignEmailTemplateEnable>
<state xmlns="http://campaign.dto.eurekify.com">CAMPAIGN_TEMPLATE</state>
<type xmlns="http://campaign.dto.eurekify.com">USER_CERTIFICATION</type>
<universe xmlns="http://campaign.dto.eurekify.com">{'GM Universe'}</universe>
<useRaci xmlns="http://campaign.dto.eurekify.com">true</useRaci>


</ser:in0>
</ser:createCampaign>
</soapenv:Body>
</soapenv:Envelope>