Use REST APIs to Evaluate Provisioning Rules
To build an application that evaluates provisioning rules as you assign roles to users, use a method called Create a rules check for role assignments (whose technical name is runUserRoleCheck). It's available in the Provisioning Rules REST API.
-
Your application would pass in a user name and the codes for roles requested for that user.
-
The API returns codes for roles that meet two requirements: First, they're requested for, or already assigned to, the user identified in the request. Second, provisioning rules define the roles as conflicting. Or, if no rules were violated, the API returns "No Violations."
Your application can also use other REST APIs to provide user information in addition to the user name. For example, among Common Features REST APIs, a Users task provides a Get a user method.
See REST API documentation for more information.