Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Servicenow Rest - Remove Access

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on March 11 2020 at 20:37 UTC

I'm using the default json file provided by Saviynt for Remove Access in Servicenow and am not having any luck with it. I get the following error:

Call response: {"error":{"detail":"Record doesn't exist or ACL restricts the record retrieval","message":"No Record found"},"status":"failure"}

I noticed that the add access json file sends along:

"httpParams": "{\"role\":\"${entitlementValue.entitlementID}\",\"user\":\"${account.accountID}\"}",

Is something like this needed in the json file to specify which user and group are being modified?

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
5 REPLIES 5

Community_User
Saviynt Employee
Saviynt Employee

Originally posted on March 13 2020 at 13:18 UTC

Hi Adam,

 

It is difficult to get any conclusion from the provided information. Can you please share the debugLog and Remove Access JSON and which is being used along with the Postman Export dump file for Servicenow APIs in order to debug the issue to the below Email.

 

Email ID: Removed

 

Thanks

[This message has been edited to remove email address]

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on March 13 2020 at 16:36 UTC

I am using the default remove access JSON file from https://saviynt.freshdesk.com/support/solutions/articles/43000463489-servicenow-connector


{

"call": [

{

"name": "Group",

"connection": "userAuth",

"url": "https://<domain-name>/api/now/v1/table/sys_user_grmember/${account_entitlements.uuid}",

"httpMethod": "DELETE",

"httpHeaders": {

"Authorization": "${access_token}"

},

"httpContentType": "application/json"

},

{

"name": "Roles",

"connection": "userAuth",

"url": "https://<domain-name>/api/now/v1/table/sys_user_has_role/${account_entitlements.uuid}",

"httpMethod": "DELETE",

"httpHeaders": {

"Authorization": "${access_token}"

},

"httpContentType": "application/json"

}

]

}

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on March 23 2020 at 21:37 UTC

Please run the full account/access import again and then try to execute the Remove Access Task.

uuid values are populated as part of Import Account/Ent JSON.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on March 24 2020 at 14:58 UTC

This portion is still not working after a full import of accounts and access. Still getting the same error message as before. Users are not getting removed from groups

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on March 26 2020 at 14:26 UTC

Please find attached the updated Remove Access JSON. This should eliminate the need to run imports to process remove tasks.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.