Re: Multiple API calls for single user in netiq rest Driver - Micro Focus Community

YagnaSri · ‎2021-01-04

Hi ,

Actually my requirement i have to perfrom multiple API calls for single user where the output of previous API call will be the input of next API call.

For Example:

API Call 1 : Admin Login which stores cookie

API Call 2(Get Call) : Once the above call is success in this API call we are getting unique id of user

API Call 3 : Based on the API call 2 unique id I'll create/ delete user

As i am able to perfrom upto API call 2 from driver . But after API Call 2 transaction is getting ended so it's not going to Subscriber channel to execute API Call 3 using policies and rules in netiq rest driver.

Please let me know how to continue Driver transaction after API call 2

pdeneu · ‎2021-01-04

Hello,

whats up in the trace?

Your second call is a query from the subscriber channel and the result is empty/null?

Normaly its not problem to execute mulitple calls from differennt commands, but it depentes on you api which result will be returned.

Regards and happy new year,

Philipp

--
https://www.lanworks.de

YagnaSri · ‎2021-01-05

2nd call is query and i'm getting response as 200 (success)

geoffc · ‎2021-01-04

The issue you are facing is how to chain events together. Especially when they need to run in sequence.

One approach might be, if the first event can be considered a query. Start your Sub channel event, IDV event1. Then in the Sub channel somewhere (ETp. CP, CTP whatever) you query (REST event 1), result comes back, pick it apart and get what you need. Still working on IDV event 1, you now use that info from REST event 1 to query something else, and the result comes back. (REST Event 2). Or you send a add dest attr (direct=true) so REST event 3 happens. Still in IDV event 1. Finally the original event hits the OTP and become sa REST call.

Or you could have IDV event 1, process, do something, result comes back and modify the IDV object. Some other driver sees the change and touches it somehow. This kicks your REST driver off with IDV event 2, to kick of REST event 2. And repeat until complete.

al_b · ‎2021-01-04

The issue can be related to the type of commands, that you trying to execute.
If you use the "query-based" command - it will be executed immediately (from the point in your code, where you run the query) and it will return results, that can be processed by the next line in your policy.
If you run "other" tokens, that required interaction with "external systems" (direct/add before/add after) - it really "executed" at the end of the policy.
You can "split" your "monolithic" policy into 3 separate policies that will process your business logic.
Another option (with 2 drivers, like Geoffrey suggested) can be easy for implementation.

YagnaSri · ‎2021-01-05

If Possible can you please provide any reference to it so that it'll helpful to me

YagnaSri · ‎2021-01-05

Can you please provide any reference for it so that it'll be useful

al_b · ‎2021-01-05

I'm not aware about about real reference to this info.
Documentation just talking about specific mode:
Select whether this action should be added to, before, or after the current operation, or written directly to the destination data store.
https://www.netiq.com/documentation/identity-manager-47/policy_designer/data/dosetdestinationattrvalue.html

You can see this behavior in the trace.
"Direct" command requested in the middle of the policy, but executed only in the end (when policy process finished).
--------------------
xxx2xxx : Direct command from policy
xxx2xxx :
<nds dtdversion="4.0" ndsversion="8.x">
<source>
<product version="4.8.2.0">DirXML</product>
<contact>NetIQ Corporation</contact>
</source>
<input>
<modify class-name="User" dest-dn="\xxx\xxx\xxx\rcan" dest-entry-id="2464912" event-id="lx-145#20210105000658#1#1:04cca01a-7a8a-4046-81b1-1aa0cc048a7a">
<modify-attr attr-name="Internet EMail Address">
<remove-all-values/>
<add-value>
<value type="string">Rod.Can@xxx.com</value>
</add-value>
</modify-attr>
</modify>
</input>
</nds>
xxx2xxx : Direct command from policy result
xxx2xxx :
<nds dtdversion="4.0" ndsversion="8.x">
<source>
<product version="4.8.2.0">DirXML</product>
<contact>NetIQ Corporation</contact>
</source>
<output>
<status level="success"></status>
</output>
</nds>
xxx2xxx :Policy returned:
xxx2xxx :
<nds dtdversion="4.0" ndsversion="8.x">
<source>
<product version="4.8.2.0">DirXML</product>
<contact>NetIQ Corporation</contact>
</source>
<input>
<modify cached-time="20210105000658.693Z" class-name="User" event-id="lx-145#20210105000658#1#1:04cca01a-7a8a-4046-81b1-1aa0cc048a7a" qualified-src-dn="O=xxx\OU=xxx\CN=rcan" src-dn="\xxx\xxx\xxx\rcan" src-entry-id="2464912" timestamp="1609805218#2">
<operation-data opStartTime="1609805218913"/>
<modify-attr attr-name="Internet EMail Address">
<remove-all-values/>
<add-value>
<value type="string">Rod.Can@xxx.com</value>
</add-value>
</modify-attr>
</modify>
</input>
</nds>