Click HERE to see how Saviynt Intelligence is transforming the industry. |
11/16/2023 11:38 PM - last edited on 11/17/2023 01:25 AM by Sunil
Hi Team,
Integrating CyberArk Application as target system with Saviynt. Initially with less data we didnt face issue with with job failure. Since moving to next environment we are facing issue with getting the AccessToken Refreshed successfull.
Connector type: REST
Please find the connectionJSON and ImportActEntJSON below used below:
{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"httpHeaders": {
"Accept": "application/xml",
"contentType": "application/json"
},
"authError": ["ITATS366E","PASWS006E"],
"url": "https://url/PasswordVault/API/Auth/CyberArk/Logon ",
"httpMethod": "POST",
"httpContentType": "application/json",
"errorPath": "ErrorCode",
"maxRefreshTryCount": 80,
"tokenResponsePath": "string.content",
"authHeaderName": "Authorization",
"accessToken": "Basic ZZZZZZ",
"httpParams": "{\"username\":\"XXXXX\",\"password\":\"YYYYYY\"}",
"retryFailureStatusCode": [
401,
403
]
}
}
}
We can get the AccessToken refresh happening without any issue in Postman.
Please find the logs attached for your refrences.
Please provide your input to overcome this issue access token refresh issue.
Thank you,
Vidya D Mudagal
[This message has been edited by moderator to mask url]
Solved! Go to Solution.
11/17/2023 09:32 AM
Do you run a separate call to generate refresh token or is it the same call auth call. You can refer to below REST Documentation on different ways to refresh the token and create your Connection JSON accordingly. Search for (OAuth2:) available under Authentication Types section.
https://docs.saviyntcloud.com/bundle/REST-v23x/page/Content/Developers-Handbook.htm
11/19/2023 11:30 PM
Hi @SB
We don't have any separate call to generate a refresh token and the connection JSON is followed as the documentation provided.
https://docs.saviyntcloud.com/bundle/CyberArk-REST-v23x/page/Content/Introduction.htm
the above JSON is the only code used in connection. Please find the postman response:
Please provide your valuable input
Thank you,
Vidya D Mudagal
11/24/2023 04:30 AM
Hello @vmudagal1
Import Account and Access job is failing with error 'Failed to import one or more object types.' When we checked the logs it was failing to get the token intermittently with error message '{"ErrorCode":"PASWS006E","ErrorMessage":"The session token is missing, invalid or expired."}
As we discussed, the issue lies in a load balancer. The issue is resolved when we directly hit PVWA server URL.
{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"httpHeaders": {
"Accept": "application/xml",
"contentType": "application/json"
},
"authError": ["ITATS366E","PASWS006E"],
"url": "https://<<PVWAserverURL>>/PasswordVault/API/Auth/CyberArk/Logon",
"httpMethod": "POST",
"httpContentType": "application/json",
"errorPath": "ErrorCode",
"maxRefreshTryCount": 5,
"tokenResponsePath": "string.content",
"authHeaderName": "Authorization",
"accessToken": "Basic XXX",
"httpParams": "{\"username\":\"XXX\",\"password\":\"XXX\", \"concurrentSession\":\"True\"}",
"retryFailureStatusCode": [
401,
403
]
}
}
}
11/20/2023 08:32 AM
Can you share the import JSON you are using.
Also, the value for maxRefreshTryCount should not be more than 5.