000034505 - User object missing from RSA Identity Governance and Lifecycle WebService createChangeRequest "Add Account to Group"

Document created by RSA Customer Support Employee on Jan 13, 2017Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000034505
Applies ToRSA Product Set: RSA Identity Governance and Lifecycle
Product Description: RSA Identity Governance and Lifecycle
RSA Version/Condition: 7.0.0, 7.0.1
IssueThe RSA Identity Governance and Lifecycle WebService createChangeRequest Add Account to Group and Remove User from Group calls accept an Account option, but do not allow you to pass an Aveksa user object in the request template.
For example these are the allowed values for the Add Account to Group Web Service call (from the online help for Web Services):
<AccountChange>
<Operation>Add</Operation>
<Account>value</Account>
<AccountCollector>value</AccountCollector>
<Group>value</Group>
<GroupCollector>value</GroupGroupCollector>
</AccountChange>

 
CauseThis is by design.  The Add account to group call only deals with accounts and groups and specifically is only for adding an account to a group.  No user object is required or allowed in this call.
 
ResolutionIf the intention is to add a user to a group then a separate call for Add User to Group should be used.  This new call was added as a feature request and is available in 7.0.1 and later versions of the product. 
The 7.0.1 Web Services calls Add User to Group and Remove User from Group takes a user reference (and does not take an account reference).  When making Web Service calls use the call that is correct for the type of change request you wish to generate. 

The following parameters are allowed for the Add User to Group Web Service call.


<UserChange>
<Operation>Add</Operation>
<User>value</User>
<BusinessSource>value</BusinessSource>
<Group>value</Group>
</UserChange>

The following parameters are allowed for the Remove User from Group Web Service call.


<UserChange>
<Operation>Remove</Operation>
<User>value</User>
<BusinessSource>value</BusinessSource>
<Group>value</Group>
</UserChange>

Attachments

    Outcomes