SailPoint IdentityNow Transforms

Posted on by Mahesh Mukku in Technology

Introduction

Transform allows you to manipulate attributes values while provisioning to a source. It will help in manipulating any incoming data from the source as per the requirement.

Transforms are configurable objects that define easy ways to manipulate attribute data without requiring you to write code. Transforms are configurable building blocks with sets of inputs and outputs.

As we can see in diagram there is Input-Transform-Output. In input the value or data is coming from identity attributes or Account attribute and according to requirement we will write the transforms and in output we can see our result.

Transform syntax

The Transform syntax has the following properties:

  • The basic requirement for a transform is name, type, attributes.
  • For name, we can take any objects and that will reflect to your identity profile.
  • For Type, we can put the transforms according to your requirement.
  • For inputs, the developer can decide whether we want to take the value from identity attribute or Account attribute.

Basic String Operations

These are basic string operation there are 18 transform. These transform are commonly used in any operation.

I will discuss each and every transform.

1)Base64 Decode– This transform is used for converting String to Base64. Basically it used for decoding purpose.

2)Base64 Encode-This transform is used for converting Base64 to String. Basically it used for encoding purpose.

3)Concatenation-Concatenation transform is used for Combining two string. This transform basically used to combined first name and last name.

4)Index Of– The index of transform is used to get the location of a specific substring. Suppose that if we give the string to find the index of a string if its found it will return the index number, if doesn’t find it will return -1.

5)Substring– Substring transform is used to take the specific part of the string with provided begin index and end index.

6)Split– Split Transform basically used to split the string based on the provided delimiter. This transform is often useful when you want to split combined names into their constituent parts or when you want to simplify an ordered list of values into a single attribute.

7)Leftpad – Left pad transform to pad the string left side with a user-supplied character out to a specific number of characters. This transform is often useful for data normalization situations.  such as user IDs are not uniform in length.

8)Right pad– Right pad transform to pad the string right side with a user-supplied character out to a specific number of characters. This transform is often useful for data normalization situations.  such as user IDs are not uniform in length.

9)Replace– Replace transform is used for replace the specific string based on the provided regex.

10)Replace All– Replace All transform used to replace the string based on the provided table attribute of key-value pairs as an argument.

11)Upper– Upper transform use to convert an string into uppercase letters.

12)Lower– Lower transform use to convert an string into lowercase letters.

13)Static– Static transform is use to return a fixed string value, or more commonly, to evaluate Velocity. Static transform can also take other dynamically provided variables as inputs into the value attribute.

14)Last Index of – The  last index of transform is used to get the last location of a specific substring.

15)Trim– Trim transform used to trim whitespaces from both the beginning and ending of input strings.

16)Get End of String– Get end of string transform as an out-of-the-box rule transform provided through SailPoint’s Cloud Services Deployment Utility rule. The transform allows you to get the rightmost N characters of a string.

17) Decompose Diacritial Marks– Decompose Diacritial marks transform is used to remove the diacritical marks.

18)E.164 phone transform:- The E.164 phone transform is used to convert an incoming phone number string into an E.164-compatible number.

Date Operation

Under the date operation there are three transform.

 1)Date compare , 2)Date format , 3)Date Math.

1)Date compare:-The date compare transform is used to compare two dates and, depending on the comparison it will return the one value accordingly.

For comparing the date we can use some of the operation like:- Less than , Less than or equal to , greater than and Greater than or equal to.

 We can use the date compare for calculating the Life cycle state.

2)Date Format:- The date format transform is used to convert datetime strings from one format to another. It is useful when you are syncing data from one system to another, because each application uses a different format for date and time data.

3)Date Math:- Date Math transform can be used for performing mathematical operation like addition, subtractions and rounding of a timestamp.

 It also allows you to work with a referential value of “now” to run operations against the current date and time instead of a fixed value.

Generators

Under generators Transform there are six different transforms are present.

Under generators Transform there are six different transforms are present.

1)Generate Random String- Generate Random String Transform provided through SailPoint’s Cloud Services Utility rule. This transform allow us to generate a random string of any length.

2) Random Alphanumeric:- The random alphanumeric transform is used to generate a random string of any provided length, if we do not provide the length it will give the default output that is 32 char. comprising both numbers and letters (both lowercase and uppercase). The maximum allowable value is 450 characters.

3)Username Generator:- To set the logic to use when it determines a unique value for an attribute in an account create profile, utilize the username generator transform. The logic of the generator can be as basic as combining elements of an HR record or the user’s name.

4)Name normalizer:- The name normalizer transform is used to clean or standardize the spelling of strings coming in from source systems. The most common use for this transform is for names.

5)Random Numeric:- The random numeric transform is used to generate a random number of any length. The transform defaults value is 10 char. and maximum allowable value is 450 characters.

6)UUID Generator:-The UUID generator transform is use to create a universal unique ID (UUID) in the form of a 36-character string.

Extending Transforms

Under extending transforms there are two transforms.

1)Reference transform:- The reference transform is used to reuse a transform that has already been written within another transform. We can use this transform when you want to repeat the same logic multiple times within other transforms.

2)Rule Transform:- Rule transform allows you to reuse logic that has already been written for a previous use case. you can use the rule transform to reuse code contained within a Generic rule.

Rules Vs Transforms

Transforms

  • Transforms are JSON-based configurations, editable with IdentityNow’s transform REST APIs.
  • It supports complex logic to modify aggregation and provisioning process.
  • We can view, create, edit, and delete transforms directly via REST API without any involvement of SailPoint.

Rules

  • Rules are implemented with code (typically BeanShell, a Java-like syntax).
  • It support more complex logic.
  • By creating Rules there is involvement of Sailpoint for cloud rules.

Mahesh Mukku

Leave a Reply

Your email address will not be published. Required fields are marked *