scripts/Update-IdentityNowGovernanceGroup.ps1

function Update-IdentityNowGovernanceGroup {
    <#
.SYNOPSIS
    Add or Remove member(s) from an IdentityNow Governance Group.
 
.DESCRIPTION
    Add or Remove member(s) from an IdentityNow Governance Group.
 
.PARAMETER groupID
    (required) The Governance Group ID to update.
 
.PARAMETER update
    (required - JSON) The details of members to add and/or remove.
    e.g
 
.EXAMPLE
    Update-IdentityNowGovernanceGroup -groupID "8b155c95-cda6-4dc9-9f62-e73c24019c57" -update "{"add": ["2c91808869110cc901694377a7ce5def","2c91808869110cc901694381c5612657"],"remove": ["2c91808869110cc901694381c5618319"]}"
 
.EXAMPLE
    $govGroups = Get-IdentityNowGovernanceGroup
    $IDNGovGroup = $govGroups | Select-Object | Where-Object {$_.description -like "*My Gov Group*"}
    $groupID = $IDNGovGroup[0].id
 
    $user1 = Search-IdentityNowUsers -query "@accounts(accountId:darrenjrobinson)"
    $user2 = Search-IdentityNowUsers -query "@accounts(accountId:ricksanchez)"
    $user3 = Search-IdentityNowUsers -query "@accounts(accountId:mortysmith)"
 
    $add=@()
    $remove=@()
    $add += $user1.id
    $add += $user2.id
    $remove += $user3.id
 
    $update = (@{
        add = $add
        remove = $remove
    }) | convertto-json
 
    Update-IdentityNowGovernanceGroup -groupID $groupID -update $update
 
.LINK
    http://darrenjrobinson.com/sailpoint-identitynow
 
#>


    [cmdletbinding()]
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [string]$groupID,
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [string]$update
    )

    # v2 Auth
    $clientSecretv2 = [System.Runtime.InteropServices.marshal]::PtrToStringAuto([System.Runtime.InteropServices.marshal]::SecureStringToBSTR($IdentityNowConfiguration.v2.Password))
    $Bytes = [System.Text.Encoding]::utf8.GetBytes("$($IdentityNowConfiguration.v2.UserName):$($clientSecretv2)") 
    $encodedAuth = [Convert]::ToBase64String($Bytes) 

    $Headersv2 = @{Authorization = "Basic $($encodedAuth)"; "Content-Type" = "application/json" }

    try {
        $UpdateGovGroup = Invoke-RestMethod -Method Post -Uri "https://$($IdentityNowConfiguration.orgName).api.identitynow.com/v2/workgroups/$($groupID)/members" -Headers $Headersv2 -Body $update
        return $UpdateGovGroup 
    }
    catch {
        Write-Error "Failed to update Governance Group. Check group details. $($_)" 
    }
}