This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

REST Connector tokenResponsePath Syntax

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 01:22 PM

Originally posted on March 18 2022 at 18:51 UTC

Hi, 


I have rest connector endpoint serving as the authoritative source for employees and contractors. The REST endpoint uses a username, password, and clientId passed in the header of a POST request in order to return an access token. The token returned is a Bearer token and is passed into the Authentication attribute of the ImportUserJSON call header. I can get the user import to run successfully when I hardcode an access token retrieved using Postman, but my connectionJSON fails to return a valid access token dynamically. 



The full ConnectionJSON is as follows:


{

  "authentications": {

    "MyConnection": {

      "authType": "oauth2",

      "url": "<url endpoint matching postman call>",

      "httpMethod": "POST",

      "httpParams": {

            "AuthParameters": {

                "USERNAME": "<username>",

                "PASSWORD": "<password>"

            },

            "AuthFlow": "<auth flow>,

            "ClientId": "<client id>"    

        },

      "httpHeaders": {

        "Content-Type": "application/x-amz-json-1.1",

        "X-Amz-Target": "AWSCognitoIdentityProviderService.InitiateAuth",

        "Accept": "application/json"

      },

      "httpContentType": "application/json",   

      "authError": [

        "Incorrect username or password."

      ],

      "retryFailureStatusCode": [

        401

      ],     

      "errorPath": "errors[0].message",

      "expiryError": "Token has expired.",

      "maxRefreshTryCount": 5,

      "tokenResponsePath": "AuthenticationResult.AccessToken",

      "tokenType": "Bearer",

      "accessToken": "Bearer xyz"

    }

  }

}




Token endpoint response format from Postman:

{

    "AuthenticationResult": {

        "AccessToken": "token...",

        "ExpiresIn": 3600

    },

    "ChallengeParameters": {}

}




Questions:

  • Is AuthenticationResult.AccessToken the correct tokenResponsePath and the correct syntax?
  • Is there any way to see the result of the ConnectionJSON query in Saviynt logs?




This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos
3 REPLIES 3

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 03:07 PM

Originally posted on March 19 2022 at 14:36 UTC

Answers: 

  • Yes, AuthenticationResult.AccessToken is the correct syntax but tokenType and accessToken should not be specified in the ConnectionJSON. If those attributes are specified, the hard-coded value in the accessToken variable gets passed into the ImportUserJSON instead of the value from AuthenticationResult.AccessToken
  • I have not found a way to view REST results in Saviynt but you can use https://hookbin.com to view the details of the REST calls that come out of Saviynt. This can be used to find errors in the REST calls resulting from incorrect json config

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 03:07 PM

Originally posted on March 22 2022 at 14:30 UTC

Hello Brian,


Could you post your final JSON here so that the community can use it as a reference in the future ?




Regards,

Avinash Chhetri

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 03:07 PM

Originally posted on March 22 2022 at 14:47 UTC

My JSON is below. Is it required to not specify the accessToken parameter? This appears to go against REST connector documentation, but it works for me.


{

  "authentications": {

    "MyConnection": {

      "authType": "oauth2",

      "url": "<url>",

      "httpMethod": "POST",

      "httpParams": {

            "AuthParameters": {

                "USERNAME": "<username>,

                "PASSWORD": "<password>"

            },

            "AuthFlow": "USER_PASSWORD_AUTH",

            "ClientId": "<client id>"    

        },

      "httpHeaders": {

        "Content-Type": "application/x-amz-json-1.1",

        "X-Amz-Target": "AWSCognitoIdentityProviderService.InitiateAuth",

        "Accept": "application/json"

      },

      "httpContentType": "application/json",   

      "authError": [

        "Incorrect username or password."

      ],

      "retryFailureStatusCode": [

        401

      ],     

      "errorPath": "errors[0].message",

      "expiryError": "Token has expired.",

      "maxRefreshTryCount": 5,

      "tokenResponsePath": "AuthenticationResult.AccessToken"

    }

  }

}

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
1 person found this solution to be helpful.
0 Kudos
Copyright © 2023 Khoros, LLC