Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Issue in Provisioning Add Access Tasks for Azure AD

kishoreponnuru
New Contributor
New Contributor

Hello Everyone,

As per our project requirement, we are integrating the Azure Ad application to Saviynt via Azure AD connector. At the moment we are performing only the "assign access & remove access" operation here.

I have used the below JSONS to assign access to a user account but after the provisioning, Saviynt is not assigning the access and tasks remain in the pending  state without any provisioning error or comments but I can see the count of the number of provisioning tries. Even in the logs I am unable to find the error. Please refer to the attached code, logs, and screenshots.

Add Access:

{

"call": [{

"name": "AADGroup",

"connection": "userAuth",

"url": https://graph.microsoft.com/v1.0/groups/${entitlementValue.entitlementID}/members/\\$ref,

"httpMethod": "POST",

"httpParams": "{\"@odata.id\":\"https://graph.microsoft.com/v1.0/directoryObjects/${account.accountID}\"}",

"httpHeaders": {

"Authorization": "${access_token}"

},

"httpContentType": "application/json",

"successResponses": {

"statusCode": [

200,

201,

204,

205

]

}

},

{

"name": "DirectoryRole",

"connection": "userAuth",

"url": https://graph.microsoft.com/v1.0/directoryRoles/${entitlementValue.entitlementID}/members/\\$ref,

"httpMethod": "POST",

"httpParams": "{\"@odata.id\":\"https://graph.microsoft.com/v1.0/directoryObjects/${account.accountID}\"}",

"httpHeaders": {

"Authorization": "${access_token}"

},

"httpContentType": "application/json",

"successResponses": {

"statusCode": [

200,

201,

204,

205

]

},

"unsuccessResponses": {

"odata~dot#error.code": [

"Request_BadRequest",

"Authentication_MissingOrMalformed",

"Request_ResourceNotFound",

"Authorization_RequestDenied",

"Authentication_Unauthorized"

]

}

}

]

}

Please help us.

Regards,

Kishore.

 

2 REPLIES 2

sudeshjaiswal
Saviynt Employee
Saviynt Employee

Hello @kishoreponnuru,

Is it working in postman, If yes please provide the response.

Thanks

If you find the above response useful, Kindly Mark it as "Accept As Solution".

rushikeshvartak
All-Star
All-Star

try below json

{

"call": [{

"name": "AADGroup",

"connection": "${connectionName}",

"url": https://graph.microsoft.com/v1.0/groups/${entitlementValue.entitlementID}/members/\\$ref,

"httpMethod": "POST",

"httpParams": "{\"@odata.id\":\"https://graph.microsoft.com/v1.0/directoryObjects/${account.accountID}\"}",

"httpHeaders": {

"Authorization": "${access_token}"

},

"httpContentType": "application/json",

"successResponses": {

"statusCode": [

200,

201,

204,

205

]

}

},

{

"name": "DirectoryRole",

"connection": "userAuth",

"url": https://graph.microsoft.com/v1.0/directoryRoles/${entitlementValue.entitlementID}/members/\\$ref,

"httpMethod": "POST",

"httpParams": "{\"@odata.id\":\"https://graph.microsoft.com/v1.0/directoryObjects/${account.accountID}\"}",

"httpHeaders": {

"Authorization": "${access_token}"

},

"httpContentType": "application/json",

"successResponses": {

"statusCode": [

200,

201,

204,

205

]

},

"unsuccessResponses": {

"odata~dot#error.code": [

"Request_BadRequest",

"Authentication_MissingOrMalformed",

"Request_ResourceNotFound",

"Authorization_RequestDenied",

"Authentication_Unauthorized"

]

}

}

]

}

Plea


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.