Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

BasicAuthwithAccessToken Connection json - Authentication failed

IAM-Vaibhav
New Contributor III
New Contributor III

Hi @saviynt Team,

Request you to look into this on priority.

Attaching the connection JSON : Connection JSON for application .

{ "authentications": { "acctAuth": { "authType": "BasicWithAccessToken", "url": "https:///ws/rest/service/v1/login", "httpMethod": "GET", "httpHeaders": { "Accept": "application/json", }, "properties": { "userName": "<>", "password": "<>" }, "httpContentType": "application/json", "expiryError": "ExpiredAuthenticationToken", "authError": [ "InvalidAuthenticationToken", "AuthenticationFailed", "Authentication_MissingOrMalformed", "Authentication_ExpiredToken" ], "retryFailureStatusCode": [403,401,500], "timeOutError": "Read timed out", "errorPath": "Error.Message", "maxRefreshTryCount": 6, "tokenResponsePath": "token", "tokenType": "Bearer", "accessToken": "Bearer abcd", "retryFailureStatusCode": [ 401 ] } } }

Could you please check and let me know what I missed. 

 

 

Logs : DEBUG services.HttpClientUtilityService - called executePostRequestWithHeaders for api... 2023-10-12/07:26:12.659 [{}] [quartzScheduler_Worker-15] DEBUG services.HttpClientUtilityService - after calling executeRequestWithHeaders for api... 2023-10-12/07:26:12.659 [{}] [quartzScheduler_Worker-15] DEBUG services.HttpClientUtilityService - called api... 2023-10-12/07:26:12.659 [{}] [quartzScheduler_Worker-15] DEBUG services.HttpClientUtilityService - timeout validated for api... 2023-10-12/07:26:12.659 [{}] [quartzScheduler_Worker-15] DEBUG services.HttpClientUtilityService - got response for api... 2023-10-12/07:26:12.659 [{}] [quartzScheduler_Worker-15] DEBUG rest.RestUtilService - Got showLogs = true 2023-10-12/07:26:12.659 [{}] [quartzScheduler_Worker-15] DEBUG rest.RestProvisioningService - Got Webservice API Response: [headers:[Date: Thu, 12 Oct 2023 07:26:12 GMT, Content-Length: 12, Content-Type: text/html; charset=UTF-8, WWW-Authenticate: Bearer, X-Content-Type-Options: nosniff, X-Frame-Options: DENY], responseText:Unauthorized, cookies:[], statusCode:401] 2023-10-12/07:26:12.659 [{}] [quartzScheduler_Worker-15] DEBUG rest.RestUtilService - pullObjectsByRest - responseStatusCode ::401

updating new connection json :

Connection JSON for application .
{
"authentications":
{
"acctAuth": {
"authType": "BasicWithAccessToken",
"url": "https://<ServerName>/ws/rest/service/v1/login",
"httpMethod": "GET",
"httpHeaders": {
"Accept": "application/json",
},
"properties": {
"userName": "<<username>>",
"password": "<<PWD>>"
},
"httpContentType": "application/json",
"expiryError": "ExpiredAuthenticationToken",
"authError": [
"InvalidAuthenticationToken",
"AuthenticationFailed",
"Authentication_MissingOrMalformed",
"Authentication_ExpiredToken"
],
"retryFailureStatusCode": [403,401,500],
"timeOutError": "Read timed out",
"errorPath": "Error.Message",
"maxRefreshTryCount": 6,
"tokenResponsePath": "token",
"tokenType": "Bearer",
"accessToken": "Bearer abcd",
"retryFailureStatusCode": [
401
]
}
}
}

[This message has been edited by moderator to merge reply comment]

Regards,
Vaibhav Patil
If this helps you, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
12 REPLIES 12

sudeshjaiswal
Saviynt Employee
Saviynt Employee

Hello @IAM-Vaibhav,

Can you please try with the post call, also make sure the response path is correct,
{
"authentications": {
"acctAuth": {
"authType": "BasicWithAccessToken",
"url": "https://<ServerName>/ws/rest/service/v1/login",
"httpMethod": "POST",
"httpHeaders": {
"Accept": "application/json"
},
"properties": {
"userName": "<<username>>",
"password": "<<PWD>>"
},
"httpContentType": "application/json",
"expiryError": "ExpiredAuthenticationToken",
"authError": [
"InvalidAuthenticationToken",
"AuthenticationFailed",
"Authentication_MissingOrMalformed",
"Authentication_ExpiredToken"
],
"retryFailureStatusCode": [403, 401, 500],
"timeOutError": "Read timed out",
"errorPath": "Error.Message",
"maxRefreshTryCount": 6,
"tokenResponsePath": "token",
"tokenType": "Bearer",
"accessToken": "Bearer abcd",
"retryFailureStatusCode": [
401
]
}
}
}
If this doesn't work please share the postman reponse as well.

Thanks

If you find the above response useful, Kindly Mark it as "Accept As Solution".

IAM-Vaibhav
New Contributor III
New Contributor III

Hi @sudeshjaiswal  ,

Thanks for your reply. As suggested, i did try with POST request in the response I got method not allowed error message.

Below is the response of the login API when successfully got called.

IAMVaibhav_0-1697522825132.png

 

 

Regards,
Vaibhav Patil
If this helps you, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sudeshjaiswal
Saviynt Employee
Saviynt Employee

Hello @IAM-Vaibhav,

Thanks for sharing the postman response, Please try use the below sample json and modify accordingly.

{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"url": "url",
"httpMethod": "GET",
"httpHeaders": {
"Content-Type": "application/x-www-form-urlencoded",
"Authorization": "Basic c3VkZXNoOnBhc3N3b3Jk"
},
"httpContentType": "application/x-www-form-urlencoded",
"expiryError": "Access token is expired.",
"authError": [
"ExpiredAuthenticationToken",
"Access token is expired.",
"InvalidAuthenticationToken",
"USER_AUTHENTICATION_FAILED",
"PARTNER_AUTHENTICATION_FAILED",
"AuthenticationFailed",
"HTTP ERROR: 401"
],
"refreshType": "RefreshToken",
"refreshTokenResponsePath": "refresh_token",
"refreshToken": "",
"timeOutError": "Read timed out",
"errorPath": "message",
"maxRefreshTryCount": 5,
"tokenResponsePath": "token",
"tokenType": "Bearer",
"retryFailureStatusCode": [
401
],
"accessToken": "Bearer fghjkascghjk"
}
}
}

and in the authorization i have encoded it using base 64
## Get the token from encoding to base64
https://www.base64encode.org/ 
I have added the screenshot for your reference. How to generate the authorization token
Give username:password as shown below

sudeshjaiswal_0-1697526736243.png

 

 

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Hi @sudeshjaiswal ,

 

i tested your suggestion, still getting same error.

2023-11-02/10:02:43.147 [{}] [quartzScheduler_Worker-10] DEBUG services.HttpClientUtilityService - after calling executeRequestWithHeaders for api...
2023-11-02/10:02:43.147 [{}] [quartzScheduler_Worker-10] DEBUG services.HttpClientUtilityService - called api...
2023-11-02/10:02:43.147 [{}] [quartzScheduler_Worker-10] DEBUG services.HttpClientUtilityService - timeout validated for api...
2023-11-02/10:02:43.147 [{}] [quartzScheduler_Worker-10] DEBUG services.HttpClientUtilityService - got response for api...
2023-11-02/10:02:43.147 [{}] [quartzScheduler_Worker-10] DEBUG rest.RestUtilService - Got showLogs = true
2023-11-02/10:02:43.147 [{}] [quartzScheduler_Worker-10] DEBUG rest.RestProvisioningService - Got Webservice API Response: [headers:[Date: Thu, 02 Nov 2023 10:02:43 GMT, Content-Length: 12, Content-Type: text/html; charset=UTF-8, WWW-Authenticate: Bearer, X-Content-Type-Options: nosniff, X-Frame-Options: DENY], responseText:Unauthorized, cookies:[], statusCode:401]
2023-11-02/10:02:43.147 [{}] [quartzScheduler_Worker-10] DEBUG rest.RestUtilService - pullObjectsByRest - responseStatusCode ::401
2023-11-02/10:02:43.147 [{}] [quartzScheduler_Worker-10] ERROR rest.RestProvisioningService - Exception in pullObjectsByRest :401
2023-11-02/10:02:43.147 [{}] [quartzScheduler_Worker-10] ERROR rest.RestProvisioningService - Inside token Expiry Exception block. connectionParamMap.refreshTryCount : 1
2023-11-02/10:02:43.147 [{}] [quartzScheduler_Worker-10] DEBUG rest.RestProvisioningService - Incrementing connectionParamMap.refreshTryCount : 2

Regards,
Vaibhav Patil
If this helps you, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sudeshjaiswal
Saviynt Employee
Saviynt Employee

Hello @IAM-Vaibhav

Can you please share your connection json, (Please mask the confidential information.)

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

IAM-Vaibhav
New Contributor III
New Contributor III

@sudeshjaiswal ,

 

Here is json :

{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"url": "https://hostname/ws/rest/service/v1/login",
"httpMethod": "GET",
"httpHeaders": {
"Content-Type": "application/x-www-form-urlencoded",
"Authorization": "Basic <USER:PASSWORD in 64bit encode>"
},
"httpContentType": "application/x-www-form-urlencoded",
"expiryError": "Access token is expired.",
"authError": [
"ExpiredAuthenticationToken",
"Access token is expired.",
"InvalidAuthenticationToken",
"USER_AUTHENTICATION_FAILED",
"PARTNER_AUTHENTICATION_FAILED",
"AuthenticationFailed",
"HTTP ERROR: 401"
],
"refreshType": "RefreshToken",
"refreshTokenResponsePath": "refresh_token",
"refreshToken": "",
"timeOutError": "Read timed out",
"errorPath": "message",
"maxRefreshTryCount": 5,
"tokenResponsePath": "token",
"tokenType": "Bearer",
"retryFailureStatusCode": [
401
],
"accessToken": "Bearer abc"
}
}
}

Regards,
Vaibhav Patil
If this helps you, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

IAM-Vaibhav
New Contributor III
New Contributor III

@sudeshjaiswal ,

Did you get a chance to check this.

 

 

Regards,
Vaibhav Patil
If this helps you, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sudeshjaiswal
Saviynt Employee
Saviynt Employee

Hello @IAM-Vaibhav ,

Your connection json looks fine to me, 

but as per the log its is getting the 401 status code which indicates that the tokens/password are not passed correctly.

Thanks

If you find the above response useful, Kindly Mark it as "Accept As Solution".

IAM-Vaibhav
New Contributor III
New Contributor III

Hi @sudeshjaiswal  ,

Thanks for the update, what would you suggest here, Could you please advise next steps from here.

regards ,

VP.

Regards,
Vaibhav Patil
If this helps you, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sudeshjaiswal
Saviynt Employee
Saviynt Employee

Hello @IAM-Vaibhav,

Can you please try passing the credentials in HttpParams.
Please find the below sample.

{
    "authentications": {
        "userAuth": {
            "authType": "oauth2",
            "httpHeaders": {
                "Content-Type": "application/json"
            },
            "authError": [
                "AuthenticationFailed",
                "ExpiredJwtException",
                "401 Unauthorized",
                "401",
                "403",
                "400"
            ],
            "url": "https://hostname/ws/rest/service/v1/login",
            "httpMethod": "GET",
            "httpContentType": "application/json",
            "errorPath": "code",
            "maxRefreshTryCount": 6,
            "tokenResponsePath": "access_token",
            "tokenType": "Bearer",
            "authHeaderName": "Authorization",
            "accessToken": "Bearer sadasd",
            "httpParams": "{\"username\":\"admin\",\"password\":\"password\"}",
            "retryFailureStatusCode": [
                401,
                500,
                400,
                403
            ]
        }
    }
}


Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Hi @sudeshjaiswal  ,

Thanks for the reply. 

I tested this json and still the same issue.

 

2023-11-08/12:20:42.526 [{}] [quartzScheduler_Worker-3] DEBUG rest.RestProvisioningService - Calling Webservice Url - https://<hostname>/ws/rest/service/v1/admin/user/get with httpParams - null
2023-11-08/12:20:42.526 [{}] [quartzScheduler_Worker-3] DEBUG services.HttpClientUtilityService - calling executeRequestWithTimeoutConfig for api...
2023-11-08/12:20:42.526 [{}] [quartzScheduler_Worker-3] DEBUG services.HttpClientUtilityService - calling api...
2023-11-08/12:20:42.527 [{}] [quartzScheduler_Worker-3] DEBUG services.HttpClientUtilityService - before calling executeRequestWithHeaders for api...
2023-11-08/12:20:42.527 [{}] [quartzScheduler_Worker-3] DEBUG services.HttpClientUtilityService - isFipsEnabled = false
2023-11-08/12:20:42.527 [{}] [quartzScheduler_Worker-3] DEBUG services.HttpClientUtilityService - getHttpClient - sslParams : null
2023-11-08/12:20:42.527 [{}] [quartzScheduler_Worker-3] DEBUG services.HttpClientUtilityService - getHttpClient - proxyParams : null
2023-11-08/12:20:42.527 [{}] [quartzScheduler_Worker-3] DEBUG services.HttpClientUtilityService - getHttpClient - sslSocketFactory : null
2023-11-08/12:20:42.527 [{}] [quartzScheduler_Worker-3] DEBUG services.HttpClientUtilityService - setting connection timeout to 120 seconds and request timeout to 60 seconds
2023-11-08/12:20:42.527 [{}] [quartzScheduler_Worker-3] DEBUG services.HttpClientUtilityService - getHttpClient - HttpClientBuilder.create().build() called.
2023-11-08/12:20:42.781 [{}] [quartzScheduler_Worker-3] DEBUG services.HttpClientUtilityService - called executePostRequestWithHeaders for api...
2023-11-08/12:20:42.781 [{}] [quartzScheduler_Worker-3] DEBUG services.HttpClientUtilityService - after calling executeRequestWithHeaders for api...
2023-11-08/12:20:42.781 [{}] [quartzScheduler_Worker-3] DEBUG services.HttpClientUtilityService - called api...
2023-11-08/12:20:42.781 [{}] [quartzScheduler_Worker-3] DEBUG services.HttpClientUtilityService - timeout validated for api...
2023-11-08/12:20:42.781 [{}] [quartzScheduler_Worker-3] DEBUG services.HttpClientUtilityService - got response for api...
2023-11-08/12:20:42.781 [{}] [quartzScheduler_Worker-3] DEBUG rest.RestUtilService - Got showLogs = true
2023-11-08/12:20:42.781 [{}] [quartzScheduler_Worker-3] DEBUG rest.RestProvisioningService - Got Webservice API Response: [headers:[Date: Wed, 08 Nov 2023 12:20:42 GMT, Content-Length: 12, Content-Type: text/html; charset=UTF-8, WWW-Authenticate: Bearer, X-Content-Type-Options: nosniff, X-Frame-Options: DENY], responseText:Unauthorized, cookies:[], statusCode:401]

Regards,
Vaibhav Patil
If this helps you, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sudeshjaiswal
Saviynt Employee
Saviynt Employee

Hello @IAM-Vaibhav,

Connections Json
 
{
    "authentications": {
        "acctAuth": {
            "authType": "oauth2",
            "url": "https://hostname/ws/rest/service/v1/login",
            "httpMethod": "GET",
            "httpHeaders": {
                "Content-Type": "application/x-www-form-urlencoded",
                "Authorization": "Basic <USER:PASSWORD in 64bit encode>"  <Copy the value directly from header in the postman and paste it here>
            },
            "httpContentType": "application/x-www-form-urlencoded",
            "expiryError": "Access token is expired.",
            "authError": [
                "ExpiredAuthenticationToken",
                "Access token is expired.",
                "InvalidAuthenticationToken",
                "USER_AUTHENTICATION_FAILED",
                "PARTNER_AUTHENTICATION_FAILED",
                "AuthenticationFailed"
            ],
            "timeOutError": "Read timed out",
            "errorPath": "message",
            "maxRefreshTryCount": 5,
            "tokenResponsePath": "token",
            "tokenType": "Bearer",
            "retryFailureStatusCode": [
                401
            ],
            "accessToken": "Bearer asdfghjkjhgfdsasdfgh"
        }
    }
}
 
AccounImportjson,
 
{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://hostname:8205/ws/rest/service/v1/admin/user/get",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "POST",
"httpParams": []
},
"listField": "data",
"keyField": "accountID",
"statusConfig": {
"active": true,
"inactive": false
},
"colsToPropsMap": {
"accountID": "uuu_user_email~#~char",
"name": "uuu_user_email~#~char",
"customproperty2": "uuu_user_name~#~char",
"customproperty3": "uuu_user_status~#~char",
"customproperty4": "uuu_user_dateformat~#~char",
"customproperty5": "uuu_user_firstname~#~char",
"customproperty6": "uuu_user_lastname~#~char",
"customproperty7": "uuu_user_loginname~#~char",
"customproperty8": "uuu_user_proxy~#~char",
"customproperty9": "uuu_user_company~#~char",
"customproperty10": "empEmployeeRegHrsDA~#~char",
"customproperty11": "uuu_user_timezone_pref~#~char",
"customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"
}
}
}
},
"entitlementParams": {},
"acctEntParams": {}
}


Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".