scripts/New-IdentityNowCertCampaign.ps1

function New-IdentityNowCertCampaign {
    <#
.SYNOPSIS
    Create an IdentityNow Certification Campaign.
 
.DESCRIPTION
    Create an IdentityNow Certification Campaign.
 
.PARAMETER campaign
    (required - JSON) IdentityNow Campaign for creation.
     
.PARAMETER start
    (required - Boolean) Start IdentityNow Campaign after creation.
    Default: False
 
.EXAMPLE
    New-IdentityNowCertCampaign -start $false -campaign
 
.EXAMPLE
    New Certification Campaign using ID of the campaign (ID not campaignFilterId)
    New-IdentityNowCertCampaign -campaignID 2c9180856708ae38016709f4812345c3
 
.LINK
    http://darrenjrobinson.com/sailpoint-identitynow
 
#>


    [cmdletbinding()]
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [string]$campaign,
        [Parameter(Mandatory = $false, ValueFromPipeline = $true)]
        [boolean]$start = $false
    )
    
    # IdentityNow Admin User
    $adminUSR = [string]$IdentityNowConfiguration.AdminCredential.UserName.ToLower()
    $adminPWDClear = [System.Runtime.InteropServices.marshal]::PtrToStringAuto([System.Runtime.InteropServices.marshal]::SecureStringToBSTR($IdentityNowConfiguration.AdminCredential.Password))
    Write-Debug $adminUSR
    Write-Debug $adminPWDClear
    # Generate the password hash
    # Requires Get-Hash from PowerShell Community Extensions (PSCX) Module
    # https://www.powershellgallery.com/packages/Pscx/3.2.2
    $passwordHash = Get-Hash -Algorithm SHA256 -StringEncoding utf8 -InputObject ($($adminPWDClear) + (Get-Hash -Algorithm SHA256 -StringEncoding utf8 -InputObject ($adminUSR)).HashString.ToLower())
    $adminPWD = $passwordHash.ToString().ToLower() 
    
    $clientSecretv3 = [System.Runtime.InteropServices.marshal]::PtrToStringAuto([System.Runtime.InteropServices.marshal]::SecureStringToBSTR($IdentityNowConfiguration.v3.Password))
    # Basic Auth
    $Bytesv3 = [System.Text.Encoding]::utf8.GetBytes("$($IdentityNowConfiguration.v3.UserName):$($clientSecretv3)")
    $encodedAuthv3 = [Convert]::ToBase64String($Bytesv3)
    $Headersv3 = @{Authorization = "Basic $($encodedAuthv3)" }
    
    # Get v3 oAuth Token
    # oAuth URI
    $oAuthURI = "https://$($IdentityNowConfiguration.orgName).api.identitynow.com/oauth/token"
    $v3Token = Invoke-RestMethod -Method Post -Uri "$($oAuthURI)?grant_type=password&username=$($adminUSR)&password=$($adminPWD)" -Headers $Headersv3 

    if ($v3Token.access_token) {
        try {
            $createResult = Invoke-RestMethod -Method Post -Uri "https://$($IdentityNowConfiguration.orgName).api.identitynow.com/cc/api/campaign/create" -Headers @{Authorization = "$($v3Token.token_type) $($v3Token.access_token)"; "Content-Type" = "application/json" } -Body $campaign
            # Give IDN a chance to create the campaign. May need longer for very large campaigns
            start-sleep -Seconds 15
            if ($createResult) {
                $campaignStatus = Invoke-RestMethod -Method Get -Uri "https://$($IdentityNowConfiguration.orgName).api.identitynow.com/cc/api/campaign/get/$($createResult.id)" -Headers @{Authorization = "$($v3Token.token_type) $($v3Token.access_token)" }                                    
                if ($start) {
                    [int]$i = 0
                    do {
                        start-sleep -Seconds 5
                        $campaignStatus = Get-IdentityNowCertCampaign -campaignID $createResult.id -completed $false                         
                        $i++
                    } until ($campaignStatus[0].phase.Equals("Staged") -or ($i -eq 12))
                    
                    if ($campaignStatus[0].phase.Equals("Staged")) {
                        # Activate Campaign
                        $tz = ($campaign | convertfrom-json).timeZone
                        Add-Type -AssemblyName System.Web
                        $tzEncoded = [System.Web.HttpUtility]::UrlEncode($tz)

                        $activateBody = "campaignId=$($createResult.id)&timeZone=$($tzEncoded)"
                        Invoke-RestMethod -Method Post -Uri "https://$($IdentityNowConfiguration.orgName).api.identitynow.com/cc/api/campaign/activate" -Body $activateBody -Headers @{Authorization = "$($v3Token.token_type) $($v3Token.access_token)" }                                    
                        
                        # Give IDN a chance to activate the campaign. May need longer for very large campaigns
                        start-sleep -Seconds 15
                        $campaignStatus = Get-IdentityNowCertCampaign -campaignID $createResult.id -completed $false
                        return $campaignStatus                        
                    }
                }
                else {
                    return $campaignStatus
                }
            }
        }
        catch {
            Write-Error "Failed to create Certifcation Campaign. $($_)" 
        }
        else {
            Write-Error "Authentication Failed. Check your AdminCredential and v3 API ClientID and ClientSecret. $($_)"
            return $v3Token
        }
    }
}