Sailpoint

This is an unofficial tool for interactiving with Sailpoints IdentityIQ’s API interface. This gem assumes your IdenityIQ API is setup to authenticate using BasicAuth headers. If you require credentials for your SailPoint (IdenitityIQ) interface, I suggest contacting your system administrator before continuing any farther.

Note: This gem doesn't include all possible IdentityIQ API requests, primarmly due to last of authorization to access much else. If you happen to have additional access to an IdentitiyIQ API it would be very much appreciated if you contributed any additional API requests.

Installation

Add this line to your application's Gemfile:

# Gemfile
gem 'sailpoint'

And then execute:

bundle install

Usage

Before attempting to use the Sailpoint API you'll need to contact your system admin and get a set of API credentials. Every application should have a unique set of credentials, that way if any one application is compromised you don't have to roll the credentials on a number of applications. I would also suggest setting these credentials in your rails encrypted credentials as the following.

sailpoint:
  username: sample_user
  password: sample_password

To access these credentials throughout the application you can access them with the following references:

Rails.application.credentials[:sailpoint][:username]
Rails.application.credentials[:sailpoint][:password]

Running as a ruby script

If running from irb or wanting to call the IdentityIQ API from a ruby script use the following method to access the IdentityIQ API

require 'sailpoint'

# In order to make any API requests you need to specify the IdentityIQ API Host and set you API credentials
Sailpoint.configure do |config|
  config.username = 'api_username'
  config.password = 'api_password'
  config.host = 'https://example.com'
end

By default this will pull users from the REST API If you want to pull from the SCIM API there are a number of ways to do this as well

# First method
Sailpoint.get_user('sample_user')

# Second method
# Note: When reassigning the API interface future queries will hit the new API endpoint unless specified
Sailpoint::Rest.get_user('sample_user')

# Third method (and my personal favorite to use without assigning the interface)
Sailpoint::Scim.get_user('sample_user')

Using this gem with Rails

Lets first start by creating an initializer so you don't have to set the API configuration every time you want to make an API request.

# config/initializers/sailpoint.rb
if defined?(Sailpoint)
  Sailpoint.configure do |config|
    config.username = 'api_username'
    config.password = 'api_password'
    config.host = 'https://example.com'
  end
end

If you're using encrypted credentials

if defined?(Sailpoint)
  Sailpoint.configure do |config|
    config.username = Rails.application.credentials[:sailpoint][:username]
    config.password = Rails.application.credentials[:sailpoint][:password]
    config.host = 'https://example.com'
  end
end

Now in your controller or models you should be able to make an API request with the following command

Sailpoint.get_user('sample_user')

General function calls

Configuration

Interface specific function calls

SCIM

REST

# Rebuilding the gem to test in a required IRB term
gem uninstall sailpoint; rm -rf sailpoint-0.1.0.gem; gem build; gem install sailpoint

API Documentation

Contributing

Bug reports and pull requests are welcome on Github at github.com/tarellel/sailpoint

License

The gem is available as open source under the terms of the MIT License.