Saviynt Forums

Hi Naveen,

Could you please let us know how can we achieve this account owner update through SAV4SAV instead using  importAcctEntJSON?

Thank you,

Sudheer Kaneti.

account_owner table update not supported using enhanced query https://forums.saviynt.com/t5/identity-governance/enhanced-query-execution-to-update-account-owner/m... 

For Sav4Sav share full logs in text format

Hi Rushikesh,

Please find the attached logs. 

Please let me know if you need anything.

Thank you,

Sudheer Kaneti

Logs are not relevant enable showlogs = true and share

Hi Rushikesh,

I have put the configuration as mentioned and extracted the logs.

Please find the attached logs.

Thank you,

Sudheer Kaneti

Is it working from postman ?

ccessResponses={message=Account Updated Successfully, statusCode=[200, 201]}}]' with class 'java.util.ArrayList' to class 'java.util.Map' due to: groovy.lang.GroovyRuntimeException: Could not find matching constructor for: java.util.Map(java.util.LinkedHashMap, java.util.LinkedHashMap)

Hi Rushikesh,

Update account api call is working through postman.

Thank you,

Sudheer Kaneti.

Hi Rushikesh,

I have modified the JSON, the call1 is working property and running the analytics. But call 2 is not upating the owners of the accounts.

We are getting below error, please find the attached full logs.

Error:

"ERROR","Invalid record not processed : [endpointname:SVC_AD, name:app_svc_devcyberark, rank:1, SYSTEMNAME:SVC_AD, username:3120930]"
"2024-08-02T13:14:07.170+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-8-2rf5n","ERROR","Exception in persistAccounts:"
"2024-08-02T13:14:07.520+00:00","ecm-worker","","null-2rf5n","","java.lang.NullPointerException: Cannot invoke method trim() on null object at com.saviynt.provisoning.rest.RestProvisioningService.persistAccounts(RestProvisioningService.groovy:4944)

=======================================================

Updated Json:

{
"accountParams": {
"call": {

"call1": {
"callOrder": 0,
"listField": "results",
"http": {
"httpContentType": "application/json",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpMethod": "POST",
"url": "https://BASEURL/ECM/api/v5/fetchRuntimeControlsDataV2",
"httpParams": "{\"analyticsname\":\"Account_Owner_Info\",\"attributes\":{\"endpointname\":\"SVC_AD\"}}"
}
},

"call2":{
"callOrder": 1,
"http": {
"httpContentType": "application/json",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpMethod": "POST",
"url": "https://BASEURL/ECM/api/v5/updateAccount",
"httpParams": "{\"securitysystem\":\"${response.call1.message.result[0].SYSTEMNAME}\",\"endpoint\":\"${response.call1.message.result[0].endpointname}\",\"name\":\"${response.call1.message.result[0].NAME}\",\"accountowner\":{\"type\":\"user\",\"value\":\"${response.call1.message.result[0].USERNAME}\",\"rank\":\"26\",\"action\":\"add\"}}"
},

"inputParams": {
"dependentCall": true
},
"successResponses": {
"message": "Account Updated Successfully",
"statusCode": [
200,
201
]
}


}},

"processingType": "SequentialAndIterative",
"connection": "userAuth"
},
"acctEntParams": {},
"entitlementParams": {}
}

======================================================

May you please help us to know what would be the reason for this error/Issue in the above json.

Thank you,

Sudheer Kaneti.

Did validated with hardcoded user ?

Hi Rushikesh,

I have tried with hardcoded values to update user, its succesfully updated the user in ImportacctEnt Json after running the import account json.

But when I used dynamic attributes its not working (Call1 to run runtime analytics and call2 to fetch attributes to update the account owners).

 hardcoded values:

"httpParams": "{\"securitysystem\":\"Test_SS\",\"endpoint\":\"Test_EP\",\"name\":\"S1000686\",\"accountowner\":[{\"type\":\"user\",\"value\":\"6016364\",\"rank\":\"26\",\"action\":\"add\"}]}"

Dynamic values:

"httpParams": "{\"securitysystem\":\"${response.call1.message.SYSTEMNAME}\",\"endpoint\":\"${response.call1.message.endpointname}\",\"name\":\"${response.call1.message.NAME}\",\"accountowner\":[{\"type\":\"user\",\"value\":\"${response.call1.message.USERNAME}\",\"rank\":\"26\",\"action\":\"add\"}]}"
},

Please let us know if any issue in the format.

Thank you,

Sudheer Kaneti.

What is latest error

Hi Rushikesh,

I am encountering the same error with dynamic values as I did before. Please find the attached logs.

Thank you,

Sudheer Kaneti

Hi Stalluri,

I have tried with above json and added the parameters below since it is a runtime analytics.

"httpParams": "{\"analyticsname\":\"Account_Owner_Info\",\"attributes\":{\"endpointname\":\"SVC_AD\"}}".

As per your advice, added all the details in the analytics itself.

The below two things are happening after we run account import job but not updating the owners of the accounts.

1. It is running the runtime analytics query.

2. It is creating the accounts in SAV4SAV endpoint but not updating the owners in SVC_AD endpoint.

Please let me know in case we miss something, attached is the json we used.

Thank you,

Sudheer Kaneti.

Is it creating. New account ?

Edited:

Hi Rushikesh,

Apologies for the confusion, the accounts are getting created in SAV4SAV endpoint (This is endpoint created for SAV4SAV connector )  by getting the data from the result of runtime analytics and also updated with customproperty attributes fetching the data from the analytics.

But the owners are not getting updated through update account api call 2 for the accounts in the targeted endpoint "SVC_AD" .

Thank you,

Sudheer Kaneti.

Can you share logs in text format

Hi Rushikesh,

Please find the attached logs.

Thank you,

Sudheer Kaneti.

keep only  1 record in analytics and validate

• Share below information in text file
  • JSON 
  • Postman working screenshot
  • logs in text file [highlight timestamp of job start point]
•  

Hi Rushikesh,

Please find the attached files for logs  and JSON.

The account import job starts at 2024-09-19T14:00:10.520+00:00

Please find below update account and runtime analytics control api call results from postman.

Thank you,

Sudheer Kaneti.

@SudheerKaneti : Response from analytics is in Results block not Result so try below, But I am still skeptical whether you can get call1 response and use it in call2 in Import JSON without using dependentcall. 

Because call1 response is a result set with multiple records and you need to make update call for each record by iterating but you don't have anything in API that you can call specific account. So I still believe your use case can't be handle in this approach.

We had similar use case and we couldn't achieve it with REST so we had to fall back on SAV4SAV DB which was supported at that time. Now it is no longer supported. 

{
    "accountParams": {
        "connection": "userAuth",
        "processingType": "SequentialAndIterative",
        "call": {
            "call1": {
                "callOrder": 0,
                "stageNumber": 0,
                "http": {
                    "url": "https://BASEURL/ECM/api/v5/fetchRuntimeControlsDataV2?analyticsname=Account_Owner_Info",
                    "httpParams": "{\"analyticsname\":\"Account_Owner_Info\",\"attributes\":{\"endpointname\":\"SVC_AD\"}}",
                    "httpHeaders": {
                        "Authorization": "${access_token}",
                        "Accept": "application/json"
                    },
                    "httpContentType": "application/json",
                    "httpMethod": "POST"
                },
                "listField": "results",
                "keyField": "name",
                "colsToPropsMap": {
                    "name": "NAME~#~char",
                    "customproperty41": "SYSTEMNAME~#~char",
                    "customproperty42": "ENDPOINTNAME~#~char",
                    "customproperty43": "USER~#~char",
                    "customproperty44": "USERNAME~#~char",
                    "customproperty45": "RANK~#~char",
                    "customproperty46": "ACTION~#~char"
                },
                "pagination": {
                    "offset": {
                        "offsetParam": "offset",
                        "batchParam": "max",
                        "batchSize": 1000,
                        "totalCountPath": "completeResponseMap.totalcount"
                    }
                }
            },
            "call2": {
                "callOrder": 1,
                "http": {
                    "httpContentType": "application/json",
                    "httpHeaders": {
                        "Authorization": "${access_token}",
                        "Accept": "application/json"
                    },
                    "httpMethod": "POST",
                    "url": "https://BASEURL/ECM/api/v5/updateAccount",
                    "httpParams": "{\"securitysystem\":\"${response.call1.message.results[0].SYSTEMNAME}\",\"endpoint\":\"${response.call1.message.results[0].ENDPOINTNAME}\",\"name\":\"${response.call1.message.results[0].NAME}\",\"accountowner\":{\"type\":\"user\",\"value\":\"${response.call1.message.results[0].USERNAME}\",\"rank\":\"${response.call1.message.results[0].RANK}\",\"action\":\"${response.call1.message.results[0].ACTION}\"}}"
                },
                "inputParams": {
                    "dependentCall": true
                },
                "successResponses": {
                    "message": "Account Owner Updated Successfully",
                    "statusCode": [
                        200,
                        201
                    ]
                }
            }
        }
    },
    "acctEntParams": {},
    "entitlementParams": {}
}