
X-CSRF-TOKEN value is encoded and not passing to next call

jitendra_sharma
New Contributor

Hello Team,

We are integrating an SAP Fiori application and need to make multiple dependent calls for the create account and add access JSON.

The first call will get the token, then the token will be passed on to another call or 3 more downstream calls.

The authentication call contains the token in the response header, and cookies are also required to make the next call successful.

So we have put just a dummy JSON in the authentication JSON field, but we have the token call as the first call in the create account and add access JSON calls.

But when we tried the create account call, it gave two 200 responses but did not create the account, because creating an account should return a 201 code.

Then we debugged it and tried just the first token call, but in that call I can see that all the header values are encoded, and the x-csrf-token is part of the response header. I think because of that it is not being passed to the next call, or a null value is going to the next call.

Get token call: passing in header (x-csrf-token=fetch)

Response: x-csrf-token is returned in the response header.

This is get token call:

{
  "accountIdPath": "accountName",
  "call": [
    {
      "name": "call1",
      "connection": "acctAuth",
      "url": "https://xxxxxxx/sap/opu/odata/sap/CA_RSM_TEAM_SRV/C_RespyMgmtTeamHeaderTP?sap-client=300",
      "httpMethod": "GET",
      "httpHeaders": {
        "Authorization": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
        "x-csrf-token": "fetch",
        "Accept": "application/json",
        "Content-Type": "application/json"
      },
      "httpContentType": "application/json",
      "successResponses": {
        "statusCode": [
          200,
          201
        ]
      }
    }
  ]
}

Response in log: 2023-10-29/20:00:25.681 [{}] [quartzScheduler_Worker-2] DEBUG rest.RestProvisioningService - Task Response: {"call1":{"headers":"...","statusCode":200,"description":null,"status":"Success"},

All the header values are encoded and the x-csrf-token is not printed, and I think because of this it passes null to the next call.

"call2":{"headers":null,"message":{"responseMessage":"CSRF token validation failed"},"statusCode":403,"description":null,"status":"Failed"}}

    {
      "name": "call2",
      "connection": "acctAuth",
      "url": "https://xxxxxxxxx/sap/opu/odata/sap/ZRW_SAVYINT_APPRV_SRV/ZUserHeaderSet?sap-client=300",
      "httpMethod": "POST",
      "httpParams": "{\"UserName\":\"${user.username}\",\"Password\":\"Test@123456\",\"Uclass\":{\"Sysid\":\"1\"},\"UserLogondata\":{\"Gltgv\":\"20230907\",\"Gltgb\":\"99991231\"},\"ZNavToUserParameters\":[{\"Parid\":\"NDR\"}]}",
      "httpContentType": "application/json",
      "httpHeaders": {
        "Authorization": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
        "Content-Type": "application/json",
        "x-csrf-token": "${response.call1.headers.x-csrf-token}",
        "Cookie": "SAP_SESSIONID_DE2_300=47RmZp46WcXZ20L5iRFARSsLlU92kxHuouHHZqS-Uws%3d; sap-usercontext=sap-client=300"
      },
      "successResponses": {
        "statusCode": [
          200,
          201
        ]
      }
    }
  ]

Question - Why is the x-csrf-token encoded, or passed as null to the next call?

First it hits the Microsoft API and makes a SAML call from the Saviynt side, then it prints the REST API call response. Does anyone have any idea why it is hitting Microsoft and making a SAML request, and on which side this needs to be handled, Saviynt or SAP?

2023-10-31/10:36:52.597 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - Calling Webservice Url - https://xxxxxx/sap/opu/odata/sap/ZRW_SAVYINT_APPRV_SRV/ZUserHeaderSet?sap-client=300  with httpParxxxxams - [UserName:xxxxxxxxx, Password=******
2023-10-31/10:36:52.597 [{}] [quartzScheduler_Worker-18] DEBUG services.HttpClientUtilityService - calling executeRequestWithTimeoutConfig for api...
2023-10-31/10:36:52.597 [{}] [quartzScheduler_Worker-18] DEBUG services.HttpClientUtilityService - calling api...
2023-10-31/10:36:52.597 [{}] [quartzScheduler_Worker-18] DEBUG services.HttpClientUtilityService - before calling executeRequestWithHeaders for api...
2023-10-31/10:36:52.598 [{}] [quartzScheduler_Worker-18] DEBUG services.HttpClientUtilityService - isFipsEnabled = false
2023-10-31/10:36:52.598 [{}] [quartzScheduler_Worker-18] DEBUG services.HttpClientUtilityService - getHttpClient - sslParams : null
2023-10-31/10:36:52.598 [{}] [quartzScheduler_Worker-18] DEBUG services.HttpClientUtilityService - getHttpClient - proxyParams : null
2023-10-31/10:36:52.598 [{}] [quartzScheduler_Worker-18] DEBUG services.HttpClientUtilityService - getHttpClient - sslSocketFactory : null
2023-10-31/10:36:52.598 [{}] [quartzScheduler_Worker-18] DEBUG services.HttpClientUtilityService - setting connection timeout to 10 seconds and request timeout to 60 seconds
2023-10-31/10:36:52.598 [{}] [quartzScheduler_Worker-18] DEBUG services.HttpClientUtilityService - getHttpClient - HttpClientBuilder.create().build()

2023-10-31/10:36:52.849 [{}] [quartzScheduler_Worker-18] DEBUG services.HttpClientUtilityService - called executePostRequestWithHeaders for api...
2023-10-31/10:36:52.849 [{}] [quartzScheduler_Worker-18] DEBUG services.HttpClientUtilityService - after calling executeRequestWithHeaders for api...
2023-10-31/10:36:52.849 [{}] [quartzScheduler_Worker-18] DEBUG services.HttpClientUtilityService - called api...
2023-10-31/10:36:52.849 [{}] [quartzScheduler_Worker-18] DEBUG services.HttpClientUtilityService - timeout validated for api...
2023-10-31/10:36:52.849 [{}] [quartzScheduler_Worker-18] DEBUG services.HttpClientUtilityService - got response for api...
2023-10-31/10:36:52.849 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestUtilService - Got showLogs = true
2023-10-31/10:36:52.849 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - Got Webservice API Response: [headers:[set-cookie=******/; secure; HttpOnly, set-cookie=******/, content-type: text/html; charset=utf-8, content-length: 3340, cache-control: no-cache, no-store, must-revalidate, private, pragma: no-cache, expires: Thu, 01 Jan 1970 00:00:00 GMT, sap-server: true, sap-perf-fesrec: 28215.000000], responseText:<html><head><meta http-equiv="cache-control" content="no-cache" /><meta http-equiv="pragma" content="no-cache" /></head><body onload="javascript&colon;var url=window.location.hash;if(url&&(0!==url.length)){document.cookie=&quot;ouccxwwaubeovtqboreeeozdfboscfqtradsser_anchor=&quot;+escape(url)+&quot;; path=/&quot;}document.forms[0].submit()"><noscript><p><strong>Note:</strong> Since your browser does notsupport JavaScript, you must press the Continuebutton once to</p></noscript><form method="POST" action="https://login.microsoftonline.com/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/saml2 "><input type="hidden" name="SAMLRequest" value="..."><input type="hidden" name="RelayState" value="ouccxwwaubeovtqboreeeozdfboscfqtradsser"><noscript><input type="submit" value="Continue"></noscript></form></body></html>, cookies:[ouccxwwaubeovtqboreeeozdfboscfqtradsser=...; expires=Tue, 31-Oct-2023 10:51:52 GMT; path=/; secure; HttpOnly, sap-usercontext=sap-client=300; path=/], statusCode:200]
2023-10-31/10:36:52.850 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestUtilService - pullObjectsByRest - responseStatusCode ::200
2023-10-31/10:36:52.850 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - Exception in converting responseText to Map
2023-10-31/10:36:52.850 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - Entered getResponseHeaders method
2023-10-31/10:36:52.850 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - responseError : null
2023-10-31/10:36:52.850 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - isAuthError: false
2023-10-31/10:36:52.850 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - pullObjectsByRest - responseMap.size : 0
2023-10-31/10:36:52.850 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - pullObjectsByRest - objectList.size : 1
2023-10-31/10:36:52.850 [{}] [quartzScheduler_Worker-18] ERROR rest.RestProvisioningService - Call response: <html><head><meta http-equiv="cache-control" content="no-cache" /><meta http-equiv="pragma" content="no-cache" /></head><body onload="javascript&colon;var url=window.location.hash;if(url&&(0!==url.length)){document.cookie=&quot;ouccxwwaubeovtqboreeeozdfboscfqtradsser_anchor=&quot;+escape(url)+&quot;; path=/&quot;}document.forms[0].submit()"><noscript><p><strong>Note:</strong> Since your browser does notsupport JavaScript, you must press the Continuebutton once to</p></noscript><form method="POST" action="https://login.microsoftonline.com/xxxxxxxxxxxxxxxxxx/saml2 "><input type="hidden" name="SAMLRequest" value="..."><input type="hidden" name="RelayState" value="ouccxwwaubeovtqboreeeozdfboscfqtradsser"><noscript><input type="submit" value="Continue"></noscript></form></body></html>
2023-10-31/10:36:52.850 [{}] [quartzScheduler_Worker-18] ERROR rest.RestProvisioningService - Exception in validateResponse while parsing the target response
2023-10-31/10:36:52.850 [{}] [quartzScheduler_Worker-18] ERROR rest.RestProvisioningService - callResponseMap: [:]
2023-10-31/10:36:52.850 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - showResponse: null
2023-10-31/10:36:52.850 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - createNewUser - temp.status - Success
2023-10-31/10:36:52.850 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - doBreak: false
2023-10-31/10:36:52.850 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - Response size: 2
2023-10-31/10:36:52.850 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - Enter encryptHeaders
2023-10-31/10:36:52.851 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - Exit encryptHeaders
2023-10-31/10:36:52.851 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - Task Response: {"call1":{"headers":"...","statusCode":200,"description":null,"status":"Success"},"call2":{"headers":"...","statusCode":200,"description":null,"status":"Success"}}

[This message has been edited by moderator to merge reply comment]

15 REPLIES

SB
Saviynt Employee

Does the 2nd call work if you hardcode the value for x-csrf-token instead of 

"x-csrf-token": "${response.call1.headers.x-csrf-token}"


Regards,
Sahil

jitendra_sharma
New Contributor

Hello Sahil,

I have just tried with only the account JSON with a hardcoded token. The task is picked up by the job but it is not processed, and even the connection JSON is not called. Please find the JSON below (Task ID - 1196654).

{
  "accountIdPath": "call1.message.id",
  "call": [
    {
      "name": "call1",
      "connection": "accAuth",
      "url": "https://xxxxxxxxxxx:xxxxx/sap/opu/odata/sap/ZRW_SAVYINT_APPRV_SRV/ZUserHeaderSet?sap-client=300&saml...",
      "httpMethod": "POST",
      "httpParams": "{\"UserName\":\"${user.username}\",\"Password\":\"Test@123456\",\"Uclass\":{\"Sysid\":\"1\"},\"UserLogondata\":{\"Gltgv\":\"20230907\",\"Gltgb\":\"99991231\"},\"ZNavToUserParameters\":[{\"Parid\":\"NDR\"}]}",
      "httpContentType": "application/json",
      "httpHeaders": {
        "Content-Type": "application/json",
        "x-csrf-token": "xxxxxxxxxxxxxxxxxxxxx",
        "Accept": "application/json"
      },
      "successResponses": {
        "statusCode": [
          201,
          200
        ]
      },
      "unsuccessResponses": {
        "statusCode": [
          400,
          401
        ]
      }
    }
  ]
}

 

 

When I tried with both the JSONs and the (disable SSO) URL, I at least got the response from the first call, the token call. But the token is not printed in the response message and is also not passed to the next call.

Question - May I know why Saviynt is hitting SSO? The same URL is working fine with Postman, so I am not sure why Saviynt follows a different path.

Please find the attached log. It has each call's response.

SB
Saviynt Employee

Can you check in your Postman if the "Automatically follow redirects" setting is enabled? In case it is enabled, can you disable it and then try to make the call from Postman?


Regards,
Sahil

Hello Sahil,

After disabling the suggested Postman config, I am able to hit SSO through Postman only when I am not passing credentials, but when I am passing credentials it returns the response to me.

Also, if you see the attached log, I got the response for the get token call successfully, but the response header which contains the token is encrypted in Saviynt.

Is it possible to connect, so that I can show you the issue in the environment and then we can discuss?

jitendra_sharma
New Contributor

Please refer to this ticket where I have mentioned the problem - [#2008241] Header response is encrypted. Not able to pass token in next call. : Saviynt Inc

SB
Saviynt Employee

From what I know, an SSO-based URL will not work from Saviynt since it is still a redirect.


Regards,
Sahil

Thanks Sahil. The points below are still open.

1. The URL redirects only when I am not passing credentials in Postman. When I pass the credentials in Postman, it does not redirect; it generates the token. This is an SAP Fiori application.

2. We have used the URL without SSO as well and are getting a response, but the header token is in encrypted form, so it is not passed into the next call. Can you refer to [#2008241] Header response is encrypted. Not able to pass token in next call. : Saviynt Inc

3. We are onboarding an SAP Fiori application. I did not find any standard document for it. If you can check whether the same application is implemented for any other client, that would help.

4. Also, if an SSO URL is not supported by Saviynt, is there any other way to integrate an SAP Fiori app with Saviynt (using the OData API)?

 

jitendra_sharma
New Contributor

Hello Sahil,

Is it possible to connect, so that I can show you the end-to-end process and then discuss the solution?

 

SB
Saviynt Employee

Let's take a step back and start the issue over, since it's going in multiple directions. When you use a hardcoded token value in your final JSON, the prov did not happen.

For the above scenario, can you update ConfigJSON param in the REST connection with value {"showLogs":true}.
This will enable additional logging. Run the provisioning job for just 1 task. 

In the logs search for 

Calling Webservice Url - this will display the Call url with the body being sent from Saviynt.

Got Webservice API Response - this will display the response we get from target.

Check the logs to see if this helps you identify why the prov is failing.

The 2nd step would be to run your get token call (without SSO, and SSO may not work) and check for the above keywords in the logs to see if we are getting a valid token value in the response.

P.S: This is a community forum and a call will not be possible. You can reach out to your CSM for PS help or if a call is needed for discussion around the use case.


Regards,
Sahil

Hello Sahil,

Can you please check my above comments? I have already performed both the tests with the show log = true config. I have even attached the log as well.

1. Copied from the above comment. Attaching a new log one more time.

I have tried with only the account JSON with a hardcoded token. The task is picked up by the job but it is not processed, and even the connection JSON is not called. Please find the JSON below (Task ID - 1198949).

2023-11-20/09:15:22.189 [{}] [quartzScheduler_Worker-18] DEBUG services.ArsTaskService - Calling rest createAccount with Sec System - TOA Fiori Application and tasklist - [71664970:[com.saviynt.ecm.task.ArsTasks : 1198949]]
2023-11-20/09:15:22.189 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - Entering RestProvisioningService : createAccount
2023-11-20/09:15:22.189 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - initializing Provisioning connection
2023-11-20/09:15:22.199 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - email: renata.andrade@br.abb.com
2023-11-20/09:15:22.199 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - Calling createNewUser
2023-11-20/09:15:22.199 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - arsTasks.provisioningComments null
2023-11-20/09:15:22.201 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - arsTasks?.requestAccessKey: com.saviynt.ecm.workflow.Request_Access : 15480
2023-11-20/09:15:22.285 [{}] [quartzScheduler_Worker-1] DEBUG services.HttpClientUtilityService - getHttpClient - HttpClientBuilder.create().build() called.
2023-11-20/09:15:22.329 [{}] [quartzScheduler_Worker-18] DEBUG services.SaviyntCommonUtilityService - USE_DEFAULT_ATTR_VALS_IN_REQUEST =
2023-11-20/09:15:22.329 [{}] [quartzScheduler_Worker-18] DEBUG services.SaviyntCommonUtilityService - usedefaultval = false
2023-11-20/09:15:22.329 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - Validating Password Policy and setting defaults...
2023-11-20/09:15:22.329 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - Total Call: 1
2023-11-20/09:15:22.382 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - connection: accAuth
2023-11-20/09:15:22.400 [{}] [quartzScheduler_Worker-18] ERROR rest.RestProvisioningService - Access Token is null..
2023-11-20/09:15:22.419 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - Response size: 0
2023-11-20/09:15:22.419 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - Task Response: null
2023-11-20/09:15:22.419 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - accountId: null
2023-11-20/09:15:22.419 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - accountResponseMap: null
2023-11-20/09:15:22.419 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - taskResult: false
2023-11-20/09:15:22.419 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - isEntitlementOnly: false
2023-11-20/09:15:22.419 [{}] [quartzScheduler_Worker-18] DEBUG rest.RestProvisioningService - taskResult:: false
2023-11-20/09:15:22.419 [{}] [quartzScheduler_Worker-18] ERROR rest.RestProvisioningService - Error while creating account - 71664970 removing tasks from the list

2. Check the log20 attached on the above comment. I have just pasted the line below, where the token is part of the response.

https://xxxxxxxxxxxxxxx:eeee/sap/opu/odata/sap/CA_RSM_TEAM_SRV/C_RespyMgmtTeamHeaderTP?sap-client=30... with httpParams - null

2023-11-03/15:51:50.392 [{}] [quartzScheduler_Worker-17] DEBUG services.HttpClientUtilityService - got response for api...
2023-11-03/15:51:50.392 [{}] [quartzScheduler_Worker-17] DEBUG rest.RestUtilService - Got showLogs = true
2023-11-03/15:51:50.392 [{}] [quartzScheduler_Worker-17] DEBUG rest.RestProvisioningService - Got Webservice API Response: [headers:[set-cookie=******/, set-cookie=******/; HttpOnly, content-type: application/json; charset=utf-8, x-csrf-token: ydXPTEhznyX99Fi5rd_V1g==, dataserviceversion: 2.0, sap-metadata-last-modified: Sat, 11 Feb 2023 03:02:47 GMT, cache-control: no-store, no-cache, sap-processing-info: ODataBEP=,crp=,RAL=,st=,MedCacheHub=SHM,MedCacheBEP=SHM,codeployed=X,softstate=, sap-server: true, sap-perf-fesrec: 232671.000000], responseText:{"d":{"results":[{"__metadata":{"id":"https://10.62.10.23:44301/sap/opu/odata/sap/CA_RSM_TEAM_SRV/C_RespyMgmtTeamHeaderTP(RespyMgmtTeamID=...)","uri":"https://10.62.10.23:44301/sap/opu/odata/sap/CA_RSM_TEAM_SRV/C_RespyMgmtTeamHeaderTP(RespyMgmtTeamID=...)","type":"CA_RSM_TEAM_SRV.C_RespyMgmtTeamHeaderTPType"},"Activation_ac":false,"Assign_subteam_ac":true,"Copyteam_ac":true,"Create_subteam_ac":true,"Edit_ac":true,"Preparation_ac":false,"Remove_invalid_members_ac":true,"Validation_ac":false,"RespyMgmtTeamID":"50016337","RespyMgmtTeamName":"R2R ASSET PC WF_CH","RespyMgmtTeamNameForSearch":"R2R ASSET PC WF_CH","RespyMgmtTeamDescription":"","RespyMgmtTeamDescForSearch":"","RespyMgmtTeamStatus":"01","RespyMgmtTeamStatus_Text":"Ready to Use","RespyMgmtTeamStatusDescription":"Ready to Use","RespyMgmtTeamType":"ZAA","RespyMgmtTeamType_Text":"Asset

Bharadwaj
Regular Contributor

Hi @jitendra_sharma @SB,

Even I am facing a similar issue. We have two calls in the Update User JSON, where call 1 retrieves the "x-csrf-token" and we use this value in call 2.

For call 1, we are able to see the "x-csrf-token" in the response; however, we do not see the value of x-csrf-token transported to call 2. Please find the details below:

Update User JSON:

{
  "actions": {
    "Update Login": {
      "call": [
        {
          "name": "Update Login",
          "callOrder": 0,
          "connection": "acctAuth",
          "url": "https://XXXX/sap/opu/odata/sap/ZHR_SRV/$metadata",
          "httpMethod": "GET",
          "ssl": {
            "keyFile": "/saviynt_shared/saviynt/ConnectorFiles/DIAS_SAP_OAuth.p12",
            "keyFilePassword": "xxxxx",
            "keyManagerAlgorithm": "SunX509",
            "keyStoreType": "JKS",
            "sslAlgorithmName": "TLSv1.2"
          },
          "httpContentType": "text/xml",
          "httpHeaders": {
            "Authorization": "${access_token}",
            "x-csrf-token": "fetch"
          },
          "successResponses": {
            "statusCode": [
              200,
              201
            ]
          }
        },
        {
          "name": "Update Login",
          "callOrder": 1,
          "connection": "acctAuth",
          "url": "https://XXXXX/sap/opu/odata/sap/ZHR_SRV/usridSet",
          "httpMethod": "POST",
          "ssl": {
            "keyFile": "/saviynt_shared/saviynt/ConnectorFiles/DIAS_SAP_OAuth.p12",
            "keyFilePassword": "xxxx",
            "keyManagerAlgorithm": "SunX509",
            "keyStoreType": "JKS",
            "sslAlgorithmName": "TLSv1.2"
          },
          "httpContentType": "text/xml",
          "httpHeaders": {
            "Authorization": "${access_token}",
            "x-csrf-token": "${response.'Update Login'.headers.x-csrf-token}",
            "Cookie": "${response.'Update Login'.headers.cookies}"
          },
          "httpParams": "{\"UsrID\":\"${user.username}\",\"Pernr\":\"${user.employeeid}\"}",
          "successResponses": {
            "statusCode": [
              200,
              201
            ]
          }
        }
      ]
    }
  }
}

Call 1 response: (where we retrieve the x-csrf-token)

Got Webservice API Response: [headers:[set-cookie=******/, set-cookie=******/, content-type: application/xml, x-csrf-token: b9fPK2b71JEf6R9dqsbLGg==, last-modified: Wed, 13 Sep 2023 07:09:37 GMT, cache-control: max-age=0, dataserviceversion: 2.0, sap-processing-info: ODataBEP=,crp=,st=,MedCacheHub=Table,codeployed=X,softstate=, sap-perf-fesrec: 17038.000000, Transfer-Encoding: chunked], responseText:<?xml version="1.0" encoding="utf-8"?><edmx:Edmx Version="1.0" xmlns:edmx="http://schemas.microsoft.com/ado/2007/06/edmx" xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata" xmlns:sap="http://www.sap.com/Protocols/SAPData"><edmx:DataServices m:DataServiceVersion="2.0"><Schema Namespace="ZHR_SRV" xml:lang="en" sap:schema-version="1" xmlns="http://schemas.microsoft.com/ado/2008/09/edm"><EntityType Name="usrid" sap:content-version="1"><Key><PropertyRef Name="Pernr"/></Key><Property Name="Pernr" Type="Edm.String" Nullable="false" MaxLength="8" sap:unicode="false" sap:label="Personnel No." 
sap:creatable="false" sap:updatable="false" sap:sortable="false" sap:filterable="false"/><Property Name="EndDate" Type="Edm.String" Nullable="false" MaxLength="10" sap:unicode="false" sap:label="End Date" sap:creatable="false" sap:updatable="false" sap:sortable="false" sap:filterable="false"/><Property Name="StartDate" Type="Edm.String" Nullable="false" MaxLength="10" sap:unicode="false" sap:label="Start Date" sap:creatable="false" sap:updatable="false" sap:sortable="false" sap:filterable="false"/><Property Name="UsrID" Type="Edm.String" Nullable="false" MaxLength="30" sap:unicode="false" sap:label="System ID" sap:creatable="false" sap:updatable="false" sap:sortable="false" sap:filterable="false"/></EntityType><EntityContainer Name="ZHR_SRV_Entities" m:IsDefaultEntityContainer="true" sap:supported-formats="atom json xlsx"><EntitySet Name="usridSet" EntityType="ZHR_SRV.usrid" sap:updatable="false" sap:deletable="false" sap:pageable="false" sap:content-version="1"/></EntityContainer><atom:link rel="self" href="https://xxxx/sap/opu/odata/sap/ZHR_SRV/$metadata" xmlns:atom="http://www.w3.org/2005/Atom"/><atom:link rel="latest-version" href="https://xxxx/sap/opu/odata/sap/ZHR_SRV/$metadata" xmlns:atom="http://www.w3.org/2005/Atom"/></Schema></edmx:DataServices></edmx:Edmx>, cookies:[sap-usercontext=sap-client=700; path=/, SAP_SESSIONID_EED_700=cD0A78La6xYzd7FH6zjVOphdP3KIXxHuqFkAUFaqEN4%3d; path=/], statusCode:200]

Call 2 Response: (where x-csrf-token is not transported from call 1)

2023-11-21T12:54:15+01:00-ecm-worker-rest.RestProvisioningService-quartzScheduler_Worker-4-9fc2v-DEBUG-Got Webservice API Response: [headers:[set-cookie=******/, set-cookie=******/, content-type: text/plain; charset=utf-8, x-csrf-token: Required, sap-processing-info: ODataBEP=,crp=,st=,MedCacheHub=,codeployed=X,softstate=, sap-perf-fesrec: 7738.000000, Transfer-Encoding: chunked], responseText:CSRF token validation failed, cookies:[sap-usercontext=sap-client=700; path=/, SAP_SESSIONID_EED_700=W5_JCTE4bOEOmgXz3VHbX6-l2AmIZBHuqFkAUFaqEN4%3d; path=/], statusCode:403]

Appreciate your help if you could let me know the issue.

Thanks!
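Added example, not part of any post in this thread and not Saviynt code: a Python triage of "Got Webservice API Response" log entries that flags the two conditions visible in the logs above, an HTTP 200 whose body is an SSO SAML form instead of the OData response, and a "CSRF token validation failed" 403 that comes back with a different SAP_SESSIONID cookie than the one issued with the token. The log lines, token, session values, the login.example.test host and the names parse_response and triage are constructed for illustration; the parsing assumes the flattened entry shape shown in the thread.

```python
import re

# Constructed sample entries, shortened but shaped like the
# "Got Webservice API Response" lines quoted in this thread.
PREFIX = "DEBUG rest.RestProvisioningService - Got Webservice API Response: "
SAMPLE_LOG = [
    # token fetch answered by the OData service
    PREFIX + "[headers:[set-cookie=******/, content-type: application/json; "
    "charset=utf-8, x-csrf-token: CONSTRUCTEDtoken==, sap-server: true], "
    'responseText:{"d":{"results":[]}}, cookies:[sap-usercontext=sap-client=300; '
    "path=/, SAP_SESSIONID_XX1_300=sessA%3d; path=/], statusCode:200]",
    # POST rejected; the server has issued a different session cookie
    PREFIX + "[headers:[set-cookie=******/, content-type: text/plain; "
    "charset=utf-8, x-csrf-token: Required, sap-server: true], "
    "responseText:CSRF token validation failed, cookies:[sap-usercontext="
    "sap-client=300; path=/, SAP_SESSIONID_XX1_300=sessB%3d; path=/], statusCode:403]",
    # HTTP 200 whose body is an identity provider's SAML auto-post form
    PREFIX + "[headers:[set-cookie=******/; secure; HttpOnly, content-type: "
    "text/html; charset=utf-8, sap-server: true], responseText:<html><body>"
    '<form method="POST" action="https://login.example.test/tenant/saml2">'
    '<input type="hidden" name="SAMLRequest" value="CONSTRUCTED"></form>'
    "</body></html>, cookies:[sap-usercontext=sap-client=300; path=/], statusCode:200]",
]

RESPONSE_RE = re.compile(
    r"Got Webservice API Response: \[headers:\[(?P<headers>.*?)\], "
    r"responseText:(?P<body>.*), cookies:\[(?P<cookies>.*)\], "
    r"statusCode:(?P<status>\d+)\]\s*$", re.S)


def header(headers, name):
    """Value of one 'name: value' entry in the flattened header list."""
    m = re.search(r"(?:^|, )" + re.escape(name) + r": ([^,\]]+)", headers, re.I)
    return m.group(1).strip() if m else None


def parse_response(line):
    """Pull status, content type, CSRF header and session cookie from one entry."""
    m = RESPONSE_RE.search(line)
    if not m:
        return None
    sess = re.search(r"SAP_SESSIONID_\w+=([^;,\]]+)", m["cookies"])
    idp = re.search(r'<form[^>]*action="https?://([^/"\s]+)', m["body"])
    return {
        "status": int(m["status"]),
        "content_type": (header(m["headers"], "content-type") or "").lower(),
        "csrf": header(m["headers"], "x-csrf-token"),
        "session": sess.group(1) if sess else None,
        "saml_form": 'name="SAMLRequest"' in m["body"],
        "idp_host": idp.group(1) if idp else None,
    }


def triage(lines):
    """Return (line number, finding, detail) for each response worth a look."""
    findings, issued = [], None  # issued = (token, session) of the last fetch
    for n, line in enumerate(lines, 1):
        r = parse_response(line)
        if r is None:
            continue
        token = r["csrf"]
        if r["content_type"].startswith("text/html") and r["saml_form"]:
            # A login page, whatever the status code says.
            findings.append((n, "SSO_LOGIN_PAGE", r["idp_host"]))
        elif token and token.lower() != "required":
            issued = (token, r["session"])
            findings.append((n, "TOKEN_ISSUED", r["session"]))
        elif r["status"] == 403 and token and token.lower() == "required":
            same = issued is not None and issued[1] == r["session"]
            code = "CSRF_REJECTED_SAME_SESSION" if same else "CSRF_REJECTED_OTHER_SESSION"
            findings.append((n, code, r["session"]))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

A changed session value on the 403 is consistent with the POST not carrying the cookies from the token fetch, which the original post says the next call needs. An SSO_LOGIN_PAGE finding with status 200 shows why a success list of 200 and 201 alone can mark a login page as a successful call.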

SB
Saviynt Employee

This has been identified as a defect and is being reviewed by Saviynt Product team.


Regards,
Sahil

Targeted fix version?


Regards,
Rushikesh Vartak

This is still being worked on and the fix version is not yet locked.


Regards,
Sahil