Hello All,

I am trying to add the provisioned user to the group according to the attribute that I'm getting from an Identity Provider. I have written an onAfter transform script (given below) for this, but the insert function is not working.

(function runTransformScript(source, map, log, target /*undefined onStart*/ ) {
    // Add your code here
    try {
        if (action == 'insert') {
            if (target.sys_class_name == "sys_user") {
                // add users to appropriate groups
				var role = source.role; //role is a attribute from IdP
				gs.log("onAfter: " + role); //log have the correct sys_id

                var userGroup = lookupRole(role); //Call to the function

				gs.log("onAfter Group: " + userGroup); //log have the correct sys_id
				
                var internalUser = new GlideRecord("sys_user_grmember");
                internalUser.initialize();
                internalUser.user = target.sys_id;
                internalUser.group = userGroup;
                internalUser.insert();
            }
        }

    } catch (err) {
         gs.log("onAfter User Provisioning: " + err, "AG");
    }

    function lookupRole(role) {
        if (role == "Infra_Admin") {
             var roleGroup = gs.getProperty('idp.administrator_group.role');
        } else if (role == "App_Support") {
            roleGroup = gs.getProperty('idp.agent_group.role');
        } else {
            roleGroup = gs.getProperty('idp.internal_group.role');
        }
        return (roleGroup);
    }

})(source, map, log, target);

(All the sys_id are coming up properly in the above script)
 

I checked further and we have a Role Management v2 Plugin is enabled and there is a OOO BR called 'Group Member Add' which is stopping the record insert (tested with disabling the BR).

Is there any way I can complete the requirement without changing the OOO BR?

Thanks & Regards