and more in a single search tool across platforms. Read the announcement here. |
11/08/2022 10:13 AM
Hi Team,
We have a REST end point which is throwing 403 error while provisioning & import.
error logs
rest.RestProvisioningService - pullObjectsByRest - responseStatusCode ::403\n","stream":"stdout","time":"2022-11-06T23:43:25.459262199Z"
httpParams - null\n","stream":"stdout","time":"2022-11-06T21:26:00.292732207Z"
- Checked CURL command its working in SC2
- Working fine in POSTMAN
What else could have gone wrong ?
11/08/2022 10:23 AM
Have you checked the curl on the sc2.0 server (this box is on the saviynt cloud) or sc2.0 client (client box is the one on the customer side)?
11/08/2022 10:30 AM - edited 11/08/2022 10:30 AM
403 means you are unauthorized to perform action. Make sure you have required access in application.
Please validate URLs of application from postman before trying in Saviynt
if postman working share screenshot from postman & JSON which is failing
11/09/2022 08:55 PM
POSTMAN - Create user account
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CreateAccountJSON
~~~~~~~~~~~~~~~~~~~~~~
{
"accountIdPath": "accountName",
"call": [{
"name": "call1",
"connection": "userAuth",
"httpMethod": "POST",
"url": "https://XXXXXXXXXXXXXXXXXXXXXXXXXinternal-identity-management/v1/users/entitlements",
"httpParams": "{\"firstName\":\"${user.firstname}\",\"lastName\":\"${user.lastname}\",\"email\":\"${user.email}\",\"username\":\"${user.username}\",\"country\":\"US\",\"entitlementId\":\"eport-customer-support-qa\"}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201,
202,
203,
204
]
}
}]
}
11/09/2022 09:17 PM
Provisioning Comments
~~~~~~~~~~~~~~~~~~~~~~~~~~~
{"call1":{"headers":{"Access-Control-Allow-Origin":"","Access-Control-Allow-Methods":"GET,POST,PUT,PATCH,DELETE","X-Content-Type-Options":"nosniff","Connection":"keep-alive","efx-transaction-id":"02d5e0d1-ebf6-4c23-0d3a-4302a7f053df","Pragma":"no-cache","Date":"Thu, 10 Nov 2022 05:07:03 GMT","Access-Control-Allow-Headers":"origin,Content-Type,Authorization,x-efx-access-token,Store,Locale,Extension-Attributes","Access-Control-Expose-Headers":"Location","Strict-Transport-Security":"max-age=31536000; includeSubDomains; preload","Cache-Control":"no-store","Content-Length":"114","Access-Control-Max-Age":"3628800","X-XSS-Protection":"1; mode=block","Content-Type":"application/json"},"message":{"ErrorCode":"403.02","description":"Access denied for user"},"statusCode":403,"description":null,"status":"Failed"}}
11/09/2022 11:17 PM
Hi,
To examine further, please share the connection JSON and a screenshot from Postman for the authentication API call after hiding the credentials.
Thanks
Vedanth
11/10/2022 06:26 AM
Connection JSON
{
"authentications": {
"userAuth": {
"authType": "oauth2",
"url": "https://xxxxxxxxxxxxxxxxxxxx/oauth2/xxxxxxxxxx/v1/token?grant_type=client_credentials&client_id=xxxx...",
"httpMethod": "POST",
"httpParams": {
"Content-Type": "application/json"
},
"httpHeaders": {
"Content-Type": "application/x-www-form-urlencoded"
},
"expiryError": "Access token is expired.",
"authError": [
"ExpiredAuthenticationToken",
"Access token is expired."
],
"timeOutError": "Read timed out",
"errorPath": "message",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"retryFailureStatusCode": [
401
],
"accessToken": "Bearer fghjkascghjk"
}
}
}
11/10/2022 09:15 PM - edited 11/10/2022 09:22 PM
Hi,
Please enter the 403 error code in the retryFailureStatusCode, remove the Content-Type from httpParams and add the Headers in the JSON under httpHeaders.
Thank you
11/10/2022 11:16 PM
Connection JSON
{
"authentications": {
"userAuth": {
"authType": "oauth2",
"url": "https://xxxxxxxxxxxxxxxxxxxx/oauth2/xxxxxxxxxx/v1/token?grant_type=client_credentials&client_id=xxxx...",
"httpMethod": "POST",
"httpParams": {
"Content-Type": "application/json"
},
"httpHeaders": {
"Content-Type": "application/x-www-form-urlencoded"
},
"expiryError": "Access token is expired.",
"authError": [
"ExpiredAuthenticationToken",
"Access token is expired."
],
"timeOutError": "Read timed out",
"errorPath": "message",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"retryFailureStatusCode": [
401,403
],
"accessToken": "Bearer fghjkascghjk"
}
}
}