Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Azure REST connector - Account/Group import

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on December 13 2021 at 17:36 UTC

Hi,


We are trying to build an Azure REST connector to import the accounts, groups and their mappings. We do not want to make use of the OOTB Azure connector as we need to filter out certain AAD groups.


We were successful in importing a test account and a group, but the account - group association is missing.


Can someone provide a sample working json for the Azure AD acctEntParams part.



This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
2 REPLIES 2

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on December 15 2021 at 18:02 UTC

Jesvin,


Pls try the following.



    "acctEntParams": {

        "entTypes": {

            "AADGroup": {

                "call": {

                    "call1": {

                        "processingType": "httpEntToAcct",

                        "connection": "userAuth",

                        "listField": "value",

                        "acctKeyField": "accountID",

                        "entKeyField": "entitlementID",

                        "acctIdPath": "id",

                        "http": {

                            "url": "https://graph.microsoft.com/v1.0/groups/${id}/members/microsoft.graph.user",

                            "httpMethod": "GET",

                            "httpContentType": "application/json",

                            "httpHeaders": {

                                "Authorization": "${access_token}"

                            }

                        },

                        "pagination": {

                            "nextUrl": {"nextUrlPath": "${(response?.completeResponseMap?.get('@odata.nextLink')==null)? null : response?.completeResponseMap?.get('@odata.nextLink')}"}

                        }

                    }

                }

            }

        }

    }





Regards,

Avinash Chhetri


This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on December 17 2021 at 09:04 UTC

Thanks Avinash. This worked.


Is there a way to do incremental account import using the REST connector.?


We keep getting the below error when the account import runs for more than an hour :


Message-{"error":{"code":"Authentication_ExpiredTo
ken","message":"Your access token has expired.
Please renew it before submitting the
request.


Is this something that you have seen before.? How do we overcome the token expiry issue.?

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.