Hi Team,We want to reconcile the accounts and entitlements from the target application using the REST connector.Here the API has the Architecture of 2 calls (1st to pass creds, 2nd to read) we got the confirmation from Saviynt that it is not supporte...
Could someone please share a working AuthenticationConfig.groovy file with MULTIPLE IDP configuration? We tried following the same steps as mentioned in the documents. But see the error below. caused by: org.springframework.beans.factory.BeanCreation...
We need to connect to Adobe User Management API using JWT authentication. However, to get the JWT token, we need to get the private key and certificate which expires every day. Hence, we want to know if it's feasible to get the private key dynamicall...
Hi,I am getting the below errors while provisioning the entitlements for AD and Saviynt. Accounts assignment tasks are getting competed but the entitlement tasks are not getting completedAD:Error while ADD operation for account-XXXX to Group-Entitlem...
Hi Team,Is there any alternative of sending Password to the user other than plain text? Best regardsHarish
Hi, We recently changed to OAuth for the Incoming Mail ARS job (Actionable email job). We are not seeing any response in the Job log and the email-based approval is not working. When an approver approves through mail, that email is being received in ...
Hi Team,We have changed password for user AD account using Change Password task and captured that password from email template from Saviynt, after changing the pwd tried to login with the changed password but it is not working (Giving password incorr...
What constraint does the grails.plugin.springsecurity.saml.maxAuthenticationAge have relative to the IdP "session logout value"?When consulting the documentation, there is conflicting statements- one stating is needs "more than or equal to" and the o...
Hi,The Notify Certifier email isn't working and we get the following error:No such property: attestations for class.Although if we see freshdesk, we have exactly used the same binding variables as mentioned in the doc below:Link for reference : https...
Hi,So we have a different type of user (Customer/Supplier) whose email needs to be generated in a particular way, however when we include it in the email generation query under global configuration it throws the following exception:Query : case when ...
Hi ,I am looking to customize the default message which saviynt is showing in case of user account locked.I have to edit the below highlighted content as per the customer's request. How to implement this?
Hi,We need to update email server settings to SMPT configuration (to office365)I have added the configuration in Admin > settings > email sever settings, as belowBut when i try to save and test connection, i get the below error.Is there anything else...
Hi,We have a requirement on updating user email on their change of company and need a logic or a workaround for the same.We have around 82 companies at the moment of which 77 companies have the same email domain, except the leftover 5 companies which...
Hi,We have recently seen a weird behavior with update user form. The update user form which was originally generating the request number on submission is no more generating the same. Also, we cannot see it in the Pending approvals queue.Could there b...
Hi We are trying to set up authentication to receive OTP for Forget Password We have specified OTP Email Template.Could please assist on how to set up internal OTP provider
Hi,We are trying to provision Azure Security groups via graph api and distribution groups via powershell within the same connector.We have used a rest connector and have written the following condition in Add Access JSON as below:When we provision a ...
Our organization currently uses SSO to access Saviynt and we have created test user accounts that we are attempting to access via local sign on.We believe we have set the local user flag in both our normal account and the test account per the documen...
After working in Saviynt for 60 minutes, I'm automatically logged out by the system. Is it possible to disable this functionality?
Hi,We need to disable Exchange account for a user on termination. However, that is triggered via powershell script for license disablement on exchange.We are able to pass the http params via update account json, which includes the username of the use...
Hi,We have a requirement to generate usernames in sequential numbers for various categories of users created via Created User Form.We have five categories of user, of which 4 categories of users we are generating Category Code (from dynamic attribute...
Hi,We have created Shared Mailboxes on a hybrid environment, where the shared mailboxes could be reconciled via AD reconciliation. However, we cannot see the delegates who are part of those Shared Mailboxes in AD.Is there a way to reconcile the deleg...
Hi,We have installed IIS and deployed the Saviynt App as mentioned in Freshdesk. However, while we are trying to connect the same via REST Connector, we are getting a null response. Also, the error that we see in logs, states Source:Unknown.We have t...
Hi,I am trying to populate a field of users where multiple email users could be selected from the system in the dynamic attribute of a create users form.I am using Attribute Type as : Multiple select from SQL QueryValues : select email as ID from use...
Hi,We have around 18000 departments which we wish to populate in a dropdown in the create user form from a dataset table that we have imported.However, dataset gives us a threshold of only 10k lines of entries.Any workarounds for this use case?Can we...
Hi,We are trying to create exchange mailboxes on a hybrid environment. We also have the script at a location with logging included. However, the create account JSON is throwing error. Can someone please validate if I am passing the file path and the ...
We are trying to write an email generation query under global configuration. However when we upload the query it throws an error as "Operation not allowed as you are entering a value that resembles or contains script code"Attaching a part of the quer...
What is the default lifetime of 'Refresh_Token' and 'Access_Token' that we get when calling Saviynt /login ? And, where can change this default lifetime?Can we set the lifetime of just 'Refresh_Token'?
Hi,We have a requirement to relaunch a campaign for all users whose campaign response was ' No Response'.We have selected to revoke tasks for certified users on campaign expiry and hence, for users for whom 'No Response' was selected, we need to rela...
Hi,We have a requirement in which the companyname of the user being created should be equal to the company name of the requestor via the Create User Form. However, the manager to be shown in the dropdown should belong to the company name select, whic...
Hi Team,I am configuring SSO with Azure AD following below URL and getting below error in the logs. Please not i am not using SP side (Saviynt side) certificate as it is optional and I do not want the requests to be signed - https://saviynt.freshdesk...
Hi,We have a requirement to generate user PIN which will be used as username of the user. WE aren't able to generate username as PIN via Add register rule under global configurations via a query. Hence we wrote a Saviynt to Saviynt user import query....
Hi,We have a requirement to generate PIN number for external employees via either SAV to SAV or via the Create User Form (Dynamic Attributes) (Recommended)Use Case :If an employee joins a company, his PIN will be generated based on [CompanyCode][Maxi...
Dear,We have a requirement to invoke API call which uses HMAC. And to create authentication, we have to run a custom java code which encrypts the data. We have tried in Postman using 'Pre-Requisite script' option and worked well there. Now, we have t...
Does Saviynt has/support Client certificate based authentication or use of digitally signed access tokens, in addition to the submission of API Key/Secret (password) and ID ? Is the access token issued by the login service digitally signed access tok...
I am trying to configure SSO with Azure AD. Needed clarity on some of the parameters that need to configured in the groovy file. I am not using SP side certificate.I am using this URL for the configuration - https://saviynt.freshdesk.com/support/solu...
Hi,We have a technical rule- detective, for assigning an account and access of a particular Application.Then the account is provisioned using Provisioning Job(WS RETRY)Now, we have a dynamic attribute set within the Application, such that only certai...
Hello,We are attempting to set up AzureAD SSO on v2021, with a Single IDP set up. We are referencing the documentation here - https://saviynt.freshdesk.com/support/solutions/articles/43000661162-saml-metadata-files#SAMLMetadat....What should the valu...
Hello all,We are attempting to set up AzureAD SSO on v2021, with a Single IDP set up. We are referencing the documentation here - https://saviynt.freshdesk.com/support/solutions/articles/43000661162-saml-metadata-files#SAMLMetadataFiles-Authenticatio...
Hello,I have a few questions I need clarification on;How do we set up default roles for users who are not in Saviynt but will be created for the first time upon signing in to Saviynt via SSO?How do we disable SSO configuration in Saviynt in case ther...
Hello,I would like to generate a password hashed by SSHA-512.Is there an option that we can select hash algorithm or encryption method when LDAP password is created ?
Hi,Below is the SAP SuccessFactors connection json used in Saviynt and throws 401 error. But through API client I can able to connect and retrieve data also. Is there any config I missed? {"authentications": {"userAuth": {"authType": "oauth2","url"...
Hi All,We are following https://saviynt.freshdesk.com/support/solutions/articles/43000666823-splunk-integration-guide to integrate Saviynt with Splunk for log data export. As per document, we have to install Splunk EIC Add-on and will have to provide...
Hi All,Can we have Saviynt application authentication on LDAP (AD) with High Availability (HA). Just to make sure we have HA on Saviynt application authentication. ADMIN > Settings > Configuration Files --> AuthenticationConfig.groovyDo grails.plugin...
Hi Team , I wanted to know if we can check for duplicity check with non mandatory attribute in AD like employeeID ? I tried Check for unique parameter from AD connector guide but it didn’t help . I added something like EmployeeID: ${user.username)pl...
Hi All,We are on Saviynt v5.5SP5 version. How we can login to Saviynt using API user directly when SSO is configured?Regards,
Does anyone know why the keystore password is stored unencrypted in the groovy authentication config when setting up SSO? Is there a safer/better alternative, or am I missing something?Thank you!
Hi there,Is it possible to do User Group to Role Mapping using grails.plugin.springsecurity.saml.userGroupToRoleMapping property? If so, can you please suggest how this is done? We have raised 2 tickets with Saviynt support, one saying it's possible,...
Hi,I am getting the below error when i import users from connection.Logs:2022-08-08 07:44:07,704 [quartzScheduler_Worker-2] DEBUG rest.RestProvisioningService - responseError : Could not decode token: The token "AiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3M...
We are trying to integrate box application with Saviynt and we had some limitation (because of custom role assignment) due to which we opted for Rest connector. All the use cases are working as expected except that the access token is expiring every ...
Hi Team,I need your help in knowing if we can have multiple endpoint for one single connection where when we do import (recon) based on certain condition like country it should link the user with respective endpoint .Example:Endpoint 1 (India)Endpoi...
