Saviynt Forums

Sankar · ‎07/02/2024

Hi All,

I am using REST connector for an application integration. I am using the below connection Json and it is working when I pasted to connection JSON parameter under connection.

After the token is expired, I could see the below error in logs.

++++++++++++++++++

2024-06-21T11:52:55.669+00:00 ecm-worker rest.RestUtilService quartzScheduler_Worker-9-5xdm2 DEBUG Got showLogs = true
2024-06-21T11:52:55.669+00:00 ecm-worker rest.RestProvisioningService quartzScheduler_Worker-9-5xdm2 DEBUG Calling Webservice Url - https://api.walkme.com/public/v1/scim/Users/ with httpParams - [userName:sugandha.varma@removed.com, externalId:sugandha.varma@removed.com, name:[familyName:Sugandha, givenName:Varma], password=******
2024-06-21T11:52:55.669+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG calling executeRequestWithTimeoutConfig for api...
2024-06-21T11:52:55.669+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG Enter getTimeOutConfig
2024-06-21T11:52:55.670+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG connectionType: REST
2024-06-21T11:52:55.670+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG connectionTimeoutConfig before guardRail validation: null
2024-06-21T11:52:55.670+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG INFO: connectionTimeoutConfig is null, setting it to default value
2024-06-21T11:52:55.670+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG Final connectionTimeoutConfig after guardRail validation: [connectionTimeout:10, writeTimeout:60]
2024-06-21T11:52:55.670+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG calling api...
2024-06-21T11:52:55.670+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG before calling executeRequestWithHeaders for api...
2024-06-21T11:52:55.670+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG isFipsEnabled = false
2024-06-21T11:52:55.670+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG getHttpClient - proxyParams : null
2024-06-21T11:52:55.670+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG getHttpClient - sslSocketFactory : null
2024-06-21T11:52:55.676+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG setting connection timeout to 10 seconds and request timeout to 60 seconds
2024-06-21T11:52:55.677+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG getHttpClient - HttpClientBuilder.create().build() called.
2024-06-21T11:52:55.972+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG called executePostRequestWithHeaders for api...
2024-06-21T11:52:55.972+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG after calling executeRequestWithHeaders for api...
2024-06-21T11:52:55.972+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG called api...
2024-06-21T11:52:55.972+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG timeout validated for api...
2024-06-21T11:52:55.972+00:00 ecm-worker services.HttpClientUtilityService quartzScheduler_Worker-9-5xdm2 DEBUG got response for api...
2024-06-21T11:52:55.972+00:00 ecm-worker rest.RestUtilService quartzScheduler_Worker-9-5xdm2 DEBUG Got showLogs = true
2024-06-21T11:52:55.972+00:00 ecm-worker rest.RestProvisioningService quartzScheduler_Worker-9-5xdm2 DEBUG Got Webservice API Response: [headers:[Content-Type: application/json; charset=utf-8, Content-Length: 23, Vary: Origin, X-Kong-Response-Latency: 1, Date: Fri, 21 Jun 2024 11:52:55 GMT, Connection: close, Content-Security-Policy: default-src 'none', X-Frame-Options: DENY, X-Content-Type-Options: nosniff, X-XSS-Protection: 1; mode=block, Strict-Transport-Security: max-age=31536000;preload], responseText:{exp":"token expired"} cookies:[] statusCode:401]"
2024-06-21T11:52:55.972+00:00 ecm-worker rest.RestUtilService quartzScheduler_Worker-9-5xdm2 DEBUG pullObjectsByRest - responseStatusCode ::401
2024-06-21T11:52:55.972+00:00 ecm-worker rest.RestProvisioningService quartzScheduler_Worker-9-5xdm2 ERROR Exception in pullObjectsByRest :401
2024-06-21T11:52:55.972+00:00 ecm-worker rest.RestProvisioningService quartzScheduler_Worker-9-5xdm2 ERROR Inside token Expiry Exception block. connectionParamMap.refreshTryCount : 0
2024-06-21T11:52:55.972+00:00 ecm-worker rest.RestProvisioningService quartzScheduler_Worker-9-5xdm2 DEBUG Incrementing connectionParamMap.refreshTryCount : 1
2024-06-21T11:52:55.972+00:00 ecm-worker rest.RestProvisioningService quartzScheduler_Worker-9-5xdm2 DEBUG maxRefreshTryCount : 5
2024-06-21T11:52:55.972+00:00 ecm-worker rest.RestProvisioningService quartzScheduler_Worker-9-5xdm2 DEBUG Inside populateHttpParamsForBasicWithAccessToken ....
2024-06-21T11:52:55.974+00:00 ecm-worker rest.RestProvisioningService quartzScheduler_Worker-9-5xdm2 ERROR Exception in populateHttpParamsForBasicWithAccessToken

++++++++++++++++++

Once I saw this message, I pasting the same Json to connectionJson parameters.

And again it is working.

Automatically the token is not getting automatically.

Can you please help me with this.

+++++++++++++++++++++++++++++++++++

{
"authentications":{
"acctAuth":{
"authType":"basicWithAccessToken",
"authError":[
"InvalidAuthenticationToken",
"AuthenticationFailed",
"FAILURE",
"INVALID_SESSION_ID"
],
"properties":{
"userName":"XXXXXXXXXXXXXXXXX",
"password":"XXXXXXXXXXXXXXXXXX"
},
"url":"https://XXXXXXXXXXXXXXX/accounts/connect/token",
"httpMethod":"POST",
"httpContentType":"application/x-www-form-urlencoded",
"errorPath":"error.code",
"maxRefreshTryCount":5,
"tokenResponsePath":"access_token",
"tokenType":"Bearer",
"accessToken":"Bearer XXXXXXXXXXXXXXXXXXXXX",
"retryFailureStatusCode":[
401,
403,
500
]
}
}
}

+++++++++++++++++++++++++++++++++++

Postman Response:

Thanks,

Sankar

[This message has been edited by moderator to mask sensitive information]

rushikeshvartak · ‎07/02/2024

Please share postman screenshot and curl command [Refer https://codingnconcepts.com/postman/how-to-generate-curl-command-from-postman/ ]
⚠️‼️‼️Do not upload any attachments that contain sensitive information, such as IP Addresses, URLs, Company/Employee Names, Email Addresses, etc.‼️‼️⚠️

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Sankar · ‎07/04/2024

Hi @rushikeshvartak ,

Please find the Postman screenshot in the above. Also please find curl command from postman.

+++++++++++++++++++++

curl --location 'https://XXXXXXXXXX/accounts/connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \
--data-urlencode 'grant_type=client_credentials'

+++++++++++++++++++++

Thanks,

Sankar.

rushikeshvartak · ‎07/04/2024

"accessToken":"Basic XXXXXXXXXXXXXXXXXXXXX",

And xxx will be username:password in base 64 encoded

refer https://docs.saviyntcloud.com/bundle/REST-v24x/page/Content/Examples-for-JSON-Construction.htm

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Sankar · ‎07/05/2024

HI @rushikeshvartak ,

Yes. XXX is the combination of username and password.

We are using the username and password in credentials and when we are clicking send button the username and password will be encrypted and it s going in header as Authorization.

Can you please let me what should try from my end.

Thanks,

Sankar.

rushikeshvartak · ‎07/05/2024

Change "authType":"basicWithAccessToken",

to Basic

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Sankar · ‎08/20/2024

Hi @rushikeshvartak I have tried with that also, But is not working after 24hrs.

Can you please let me know, how to fix this.

Thanks,

Sankar.

rushikeshvartak · ‎08/20/2024

Share updated connection json

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Sankar · ‎08/22/2024

Hi @rushikeshvartak ,

Please find the Json with authtype BasicwithAccessToken.

++++++++++++++++++++++++++++++++++++++++++

{
"authentications": {
"acctAuth": {
"authType": "BasicWithAccessToken",
"url": "https://XXXXXXX.com/accounts/connect/token",
"httpMethod": "POST",
"properties": {
"grant_type": "client_credentials",
"userName": "XXXXXXXXXXXXX",
"password": "XXXXXXXXXXXXXX"
},
"httpHeaders": {
"Accept": "application/json"
},
"httpContentType": "application/json",
"expiryError": "ExpiredAuthenticationToken",
"retryFailureStatusCode": [403, 401, 500],
"authError": [
"InvalidAuthenticationToken",
"AuthenticationFailed",
"Authentication_MissingOrMalformed",
"Authentication_ExpiredToken",
"The token is expired"
],
"timeOutError": "Read timed out",
"errorPath": "error",
"maxRefreshTryCount": 2,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"accessToken": "Bearer XXXXXXXXXXXXX"
}
}
}

++++++++++++++++++++++++++++++++++++++

Thanks,

Sankar.

rushikeshvartak · ‎08/22/2024

Does import /provisioning working with hardcoded token ?

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Sankar · ‎08/22/2024

Hi @rushikeshvartak ,

Yes. Import and provision is working fine on day 1. After 24hrs (i.e., Once token expired) the use cases are not working.

Again If I replace a same connection Json, it started working.

THis is the issue. The access token renewal is not happening to SIGA.

Thanks,

Sankar.

rushikeshvartak · ‎08/22/2024

use oauth2

"authType": "ouath2",

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Sankar · ‎08/22/2024

Hi @rushikeshvartak ,

Even I tried that, same behaviour for that too.

Thanks,

Sankar.

rushikeshvartak · ‎08/22/2024

Add test connection param and share logs during saving connections

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Sankar · ‎09/10/2024

Hi @rushikeshvartak ,

We have tried to add the testconnection params in connection JSON also, but it does not work after a day.

Still you want to me to try it out.

Thanks,

Sankar.

rushikeshvartak · ‎09/10/2024

Share updated json

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Sankar · ‎09/26/2024

Hi @rushikeshvartak ,

Apologies for the delay.

We have created the New connection with OAUTH2 and saved the connection and shared the logs.

Please find the logs for the same. Log file name "Connection JSon saved_logs_Walkme_sep_26"

Also Please find the Connection JSON we used.

+++++++++++++++++++++++++++++++++++

{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"url": "https://api.XXXXXXX/connect/token",
"httpMethod": "POST",
"httpParams": {},
"httpHeaders": {},
"httpContentType": "text/html",
"properties": {
"userName": "XXXXXXXXXXX",
"password": "XXXXXXXXXXXXXXXXXX"
},
"expiryError": "token expired",
"authError": [
"Couldn't authenticate you"
],
"timeOutError": "Read timed out",
"errorPath": "error",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"accessToken": "Bearer XXXXXXXXXXXXXXXXXXXX",
"testConnectionParams": {
"http": {
"url": "https://api.XXXXXXXXXXXXXXXXX/scim/AccessRoles",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"successResponse": [],
"successResponsePath": "",
"errors": [
"Couldn't authenticate you"
],
"errorPath": "error"
}
}
}
}

+++++++++++++++++++++++++++++++++++

Thanks,
Sankar.

rushikeshvartak · ‎09/26/2024

Your saviynt instance have issue. raise support ticket to restart all pods

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Saviynt Forums

Access token is not getting regenerated by REST connector