Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

REST provisioning failing with dynamic binding

MeghaSanjanaR
New Contributor
New Contributor

‎10/04/2023 05:56 AM - last edited on ‎10/04/2023 07:10 AM by Community Manager

REST Add Access task not getting provisioned. Failing with 401 error  

Token API logic of Collective application - RSA Archer based oauth2 authentication is used. Here in RSA, once the token is generated(say value of token is SOMETOKENVALUE), it continues to make successful API calls. But if the token API is hit again, the working token(SOMETOKENVALUE) seizes to work although the expiration time wasn't met. The newly generated token should be used going forward(say NEWTOKENVALUE). 

The JSONs are present below. Logs are attached for Add Access task. Based on logs it is observed that 401 error is coming 5 times and failing post that when ${access_token} binding is used. When the token is hardcoded in connectionJSON, it works.

Another observation is, hardcoding the token in add access json does not work when connection json has binding.

Connection JSON is:

{
"authentications": {
"collectiveAuth": {
"authType": "oauth2",
"url": "https://maskedurl/api/core/security/login",
"httpMethod": "POST",
"httpParams": {
"InstanceName":"QA",
"Username":"TESTUSER",
"UserDomain":"ASIA-PAC",
"Password":"Test123"
},
"httpHeaders": {
"Content-Type": "application/json"
},
"httpContentType": "application/json",
"retryFailureStatusCode": [401],
"successResponse": [200,201],
"expiryError": "Invalid session token",
"timeOutError": "Read timed out",
"errorPath": "",
"maxRefreshTryCount": 5,
"tokenResponsePath": "RequestedObject.SessionToken",
"tokenType": "",
"accessToken": "abcd"
}
}
}

 

Add Access JSON:

{
"call": [
{
"name": "Roles",
"connection": "collectiveAuth",
"url": "https://maskedurl/api/core/system/userrole",
"httpMethod": "PUT",
"httpParams": "{\"UserId\": ${account.accountID},\"RoleId\": 39,\"IsAdd\": true}",
"httpHeaders": {
"Authorization": "Archer session-id=${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [201, 200, 204]
},
"unsuccessResponses": {
"statusCode": [400, 403, 401, 404, 409, 501, 500]
}
},
{
"name": "Groups",
"connection": "collectiveAuth",
"url": "https://maskedurl/api/core/system/usergroup",
"httpMethod": "PUT",
"httpParams": "{\"UserId\": ${account.accountID},\"GroupId\": 363,\"IsAdd\": true}",
"httpHeaders": {
"Authorization": "Archer session-id=${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [201, 200, 204]
},
"unsuccessResponses": {
"statusCode": [400, 403, 401, 404, 409, 501, 500]
}
}]
}

Logs are attached

Also FYI, the same connection json is working for recon with dynamic bindings. Failing only for provisioning,

[This post has been edited by a Moderator to merge two posts.]

Labels:
FailureLogs.zip
Working_TokenHardcoded.zip
0 Kudos
4 REPLIES 4

Darshanjain
Saviynt Employee
Saviynt Employee

‎10/10/2023 08:26 AM

Hi @MeghaSanjanaR 

Can you try this in postman and see is it behaving the same way, once it is success again call the Token Api and try to call it and see whether its working or not.

 

Thanks
Darshan

0 Kudos

MeghaSanjanaR
New Contributor
New Contributor
In response to Darshanjain

‎10/10/2023 09:24 AM

@Darshanjain I have already done that via postman. The token gets expired immediately after the token API is hit again. 

0 Kudos

Darshanjain
Saviynt Employee
Saviynt Employee
In response to MeghaSanjanaR

‎10/11/2023 06:54 AM

Hi @MeghaSanjanaR 

I see you already raised a ticket as well with saviynt and have checked the logs as well as its generating same token for 5times, we are checking and will let you know.

 

Thanks

Darshan

0 Kudos

MeghaSanjanaR
New Contributor
New Contributor

‎10/12/2023 12:47 AM

Hi Darshan,

Thanks for the update. Hoping for a resolution soon. 

0 Kudos
Copyright © 2024 Khoros, LLC