Identity Cloud

Variables available to role assignment scripts

The optional onAssignment and onUnassignment event scripts specify what should happen to attributes that are affected by role assignments when those assignments are applied to a user, or removed from a user.

These scripts have access to the following variables:

  • sourceObject

  • targetObject

  • existingTargetObject

  • linkQualifier

  • attributeName

  • attributeValue

  • attributesInfo

Role assignment scripts must always return targetObject, otherwise other scripts and code that occur downstream of your script will not work as expected.
Copyright © 2010-2023 ForgeRock, all rights reserved.