[Bug] Documentation for Before and After connector rules is completely incorrect

[NBIX-Matt-DeWall]

This page https://developer.identitysoon.com/idn/docs/rules/connector-rules/before-and-after-rule-operations suggests that the rule setup and payload for connector rules follow an XML structure like so...

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
 <Rule language="beanshell" name="SampleSource BeforeCreate" type="ConnectorBeforeCreate">
  <Attributes>
   <Map>
    <entry key="ObjectOrientedScript" value="true" />
    <entry key="disabled" value="false" />
    <entry key="extension" value=".ps1" />
    <entry key="program" value="powershell.exe" />
    <entry key="timeout" value="300" />
   </Map>
  </Attributes>
  <Description>
   This is an IQService afterScript - On a successful provisioning event, this after script should be used as the starting point to
            initiate a separate PowerShell script residing on the client's IQService server.

            Configuration tasks include the following:
             - Set a proper location for the $logFile variable.
             - Set the proper script location and name for the $command variable.
             - Set the $enableDebug flag to $true or $false to toggle debug mode.
  </Description>
  <Source>
<![CDATA[

$logDate = Get-Date -UFormat "%Y%m%d"
$logFile = "c:\SailPoint\Scripts\Logs\ConnectorAfterCreate_$logDate.log"
$command = "c:\SailPoint\Scripts\SampleSource-AfterCreate.

However, the actual payload to the API is not even close. The XML stuff is converted to attributes, the script is in its own block. This is so not clear and luckily I discovered it on the developer forum here: https://developer.sailpoint.com/discuss/t/error-executing-after-modify-ad-rule-after-script-returned-non-zero-exit-code-255/67381

{
    "description": "Rule powershell after operation",
    "type": "ConnectorAfterModify",
    "signature": {
        "input": [
            {
                "name": "Application",
                "description": "Map of the application configuration.",
                "type": "System.Collections.Hashtable"
            },
            {
                "name": "Request",
                "description": "Reference to the account request provisioning instructions.",
                "type": "SailPoint.Utils.objects.AccountRequest"
            },
            {
                "name": "Result",
                "description": "Reference to the provisioning result that can be manipulated if necessary.",
                "type": "SailPoint.Utils.objects.ServiceResult"
            }
        ],
        "output": null
    },
    "sourceCode": {
        "version": "1.0",
        "script": "\"SomeTeste\" | Out-File \"c:\\SailPoint\\SampleSourceBeforeCreateScript.log\" -Append"
    },
    "attributes": {
            "ObjectOrientedScript": "true",
            "extension": ".ps1",
            "sourceVersion": "2021-02-22 18:18:20",
            "disabled": "false",
            "program": "powershell.exe",
            "timeout": "300"
    },
    "id": "6f9f59967fc740c7a32a9c21a8c41da0",
    "name": "ADAfterModify",
    "created": "2024-06-18T14:27:27.866Z",
    "modified": "2024-06-18T14:27:27.866Z"
}

Please update this documentation, the XML stuff appears to be a big holdover from the IdentityIQ product and just set 4 hours of time on fire trying to wade through error messages, debug logs, and forums trying to figure out what was wrong when I was following the documentation.

[jordan-violet-sp]

This issue has been mentioned on SailPoint Developer Community. There might be relevant details there:

https://developer.sailpoint.com/discuss/t/error-executing-after-modify-ad-rule-after-script-returned-non-zero-exit-code-255/67381/4

[NBIX-Matt-DeWall]

Hi @jordan-violet-sp - yes thank you. That's was where I found my resolution. The official docs are just not even in the same ballpark, which is why I had to go searching in the dev forums. This is a request to help others. :) Thanks!