Update Jan 2020. This report can now be easily generated using the SailPoint IdentityNow PowerShell Module and the New-IdentityNowSourceConfigReport cmdlet
In this post from earlier in the week I detailed leveraging the SailPoint IdentityNow APIs to retrieve IdentityNow Sources, and their configuration. This post takes that a little further, backing up the configuration and also creating a friendly HTML Report with each Sources’ Configuration and Schema. The resulting HTML Report that is dynamically created reports on all Sources in an IdentityNow Tenant Org and looks like the image below.
After selecting a Source you can then expand a report section for the Source Details and another for the Schema. Each Source and then Source Details and Source Schema is a collapsible DIV toggled by the link. A snippet of a Source Details output for a Generic Source looks like the image below.
A snippet of a Source Schema output for a Generic Source looks like the image below.
The Script
This script assumes you are able to access the IdentityNow APIs as detailed in this post here. You will need to use that process to access the Sources APIs and have the necessary JWT Access Token to execute these API requests.
The report features an image. Here is the one I created. Download it and put it in the root of the output folder where the reports will be created.
Make the following updates to the script:
- Line 10 for the path to the Image file you saved from above
- Line 17 for the base output path (sub directories are created for the date/time of each execution) for the Report and Configuration Backups
The Output
Following execution of the script a sub-directory under your directory path is created and you will find the HTML Report along with two files for each Source. An XML export of the Source Details and the Source Schema. If you need to inspect a configuration that has been exported you can use the Import-Clixml -Path “path to the exported xml file” to import it into PowerShell and inspect it.
Summary
Put the execution of this script on a schedule whilst you are in the development/configuration phase of your IdentityNow deployment and you will get automated configuration reports and backups that can be reviewed if you need to roll-back or just see what changes have been made over time.