Saviynt Forums

shubhangsinha_ · ‎11/27/2023

Hello everyone ,

We have the use case in which we have to roles to users in these 3 steps. I have written a json corresponding to it but it is giving me an error, any suggestions would be helpful.

First, identify the role that you want to assign, and then identify the user.

Use cURL and eq filter parameter with the name field to query. In this example, the queried role name is ORA_PER_HUMAN_RESOURCE_ANALYST_JOB and the role ID returned in the response is 55361929311C580B560EB8BA5C4C1886.-----> curl -i -u "<username>:<password>" -H "Content-Type: application/json" -X GET -d <payload> https://removed.com/hcmRestApi/scim/Roles?filter=name eq "ORA_PER_HUMAN_RESOURCE_ANALYST_JOB"
2 .Now that you have the role ID, search for and get the user ID. Use cURL and eq filter parameter with the username field to query. In this example, queried user name is CUST_CONTRACT_MGR_OPERATIONS and the user ID returned in the response is 5A25572D96277A00C0547E3A715EF682.---> curl -i -u "<username>:<password>" -X GET https://removed.com/hcmRestApi/scim/Users?filter=username eq "CUST_CONTRACT_MGR_OPERATIONS"

3. Using cURL, submit an ADD operation of the PATCH request to assign the role to the user. In this example, add the 55361929311C580B560EB8BA5C4C1886 role ID to the 5A25572D96277A00C0547E3A715EF682 user ID.---> curl -i -u "<username>:<password>" -H "Content-Type: application/json" -X PATCH
-d {
"schemas": [
"urn:oracle:apps:scim:schemas:fa:1.0:Role"
],
"members":[{"value":"5A25572D96277A00C0547E3A715EF682", "operation":"ADD"}]
}
https://removed.com/hcmRestApi/scim/Roles/55361929311C580B560EB8BA5C4C1886

Now corresponding to this logic in saviynt I have written the below json where I am directly fetching the account id and entitlementid which is imported correctly but I am getting an error

{
"call": [
{
"name": "Role",
"connection": "acctAuth",
"url": "https://removed.com/hcmRestApi/scim/Roles/${entitlementValue.entitlementID }",
"httpMethod": "PATCH",
"httpParams": "{\"members\": {\"value\": \"${account.accountID}\", \"operation\": \"ADD\"}}",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201
]
}
}
]
}

[This message has been edited by moderator to disable hyperlink]

nimitdave · ‎11/27/2023

@shubhangsinha_ , what is the error you are getting.

Please add the config {"showLogs": true} in the config JSON and share the complete debug logs with sensitive data masked.

shubhangsinha_ · ‎11/27/2023

This is the error I am getting

"2023-11-27T12:31:50.032+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","Entered getResponseHeaders method"
"2023-11-27T12:31:50.032+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","responseError : null"
"2023-11-27T12:31:50.032+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","isAuthError: false"
"2023-11-27T12:31:50.032+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","pullObjectsByRest - responseMap.size : 1"
"2023-11-27T12:31:50.032+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","pullObjectsByRest - objectList.size : 1"
"2023-11-27T12:31:50.032+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","ERROR","Call response: {"
"2023-11-27T12:31:50.472+00:00","ecm-worker","","",""," "Errors" : [ {"
"2023-11-27T12:31:50.472+00:00","ecm-worker","","",""," "description" : "members:invalid","
"2023-11-27T12:31:50.472+00:00","ecm-worker","","",""," "code" : "400""
"2023-11-27T12:31:50.472+00:00","ecm-worker","","",""," } ]"
"2023-11-27T12:31:50.472+00:00","ecm-worker","","","","}"
"2023-11-27T12:31:50.033+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","ERROR","callResponseMap: [Errors:[[description:members:invalid, code:400]]]"
"2023-11-27T12:31:50.033+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","showResponse: null"
"2023-11-27T12:31:50.033+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","processWebservice - temp.status - Failed"
"2023-11-27T12:31:50.033+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","doBreak: true"
"2023-11-27T12:31:50.033+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","Enter encryptHeaders"
"2023-11-27T12:31:50.033+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","Exit encryptHeaders"
"2023-11-27T12:31:50.034+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","Task Response: {"auditDetails":{"Role":[{"headers":null,"message":{"Errors":[{"description":"members:invalid","code":"400"}]},"statusCode":400,"description":null,"status":"Failed"}]},"Role":{"headers":null,"message":{"Errors":[{"description":"members:invalid","code":"400"}]},"statusCode":400,"description":null,"status":"Failed"}}"
"2023-11-27T12:31:50.034+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","Result: false"

rushikeshvartak · ‎11/27/2023

There is space in end of url please remove

"url": "https://removed.com/hcmRestApi/scim/Roles/${entitlementValue.entitlementID}",

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

shubhangsinha_ · ‎11/27/2023

Thank you for the response , but the space was removed however this is the error I am getting

"2023-11-27T12:31:50.032+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","Entered getResponseHeaders method"
"2023-11-27T12:31:50.032+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","responseError : null"
"2023-11-27T12:31:50.032+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","isAuthError: false"
"2023-11-27T12:31:50.032+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","pullObjectsByRest - responseMap.size : 1"
"2023-11-27T12:31:50.032+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","pullObjectsByRest - objectList.size : 1"
"2023-11-27T12:31:50.032+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","ERROR","Call response: {"
"2023-11-27T12:31:50.472+00:00","ecm-worker","","",""," "Errors" : [ {"
"2023-11-27T12:31:50.472+00:00","ecm-worker","","",""," "description" : "members:invalid","
"2023-11-27T12:31:50.472+00:00","ecm-worker","","",""," "code" : "400""
"2023-11-27T12:31:50.472+00:00","ecm-worker","","",""," } ]"
"2023-11-27T12:31:50.472+00:00","ecm-worker","","","","}"
"2023-11-27T12:31:50.033+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","ERROR","callResponseMap: [Errors:[[description:members:invalid, code:400]]]"
"2023-11-27T12:31:50.033+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","showResponse: null"
"2023-11-27T12:31:50.033+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","processWebservice - temp.status - Failed"
"2023-11-27T12:31:50.033+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","doBreak: true"
"2023-11-27T12:31:50.033+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","Enter encryptHeaders"
"2023-11-27T12:31:50.033+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","Exit encryptHeaders"
"2023-11-27T12:31:50.034+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","Task Response: {"auditDetails":{"Role":[{"headers":null,"message":{"Errors":[{"description":"members:invalid","code":"400"}]},"statusCode":400,"description":null,"status":"Failed"}]},"Role":{"headers":null,"message":{"Errors":[{"description":"members:invalid","code":"400"}]},"statusCode":400,"description":null,"status":"Failed"}}"
"2023-11-27T12:31:50.034+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","Result: false"

shubhangsinha_ · ‎11/28/2023

I have modified the json and this is the error I am getting now

[{"description":"members:invalid","code":"400"}]},"statusCode":400,"description":null,"status":"Failed"},{"message":"No signature of method: com.saviynt.provisoning.rest.RestUtilService.getDynamicBindString() is applicable for argument types: (java.util.LinkedHashMap, java.util.HashMap) values: [[members:[[value:6EAF30507EF7B613E0503B0AB8A1A48D, ...]]], ...]\nPossible solutions: getDynamicBindString(java.lang.String, java.util.Map)","status":"Failed"}]},"Role":{"message":"No signature of method: com.saviynt.provisoning.rest.RestUtilService.getDynamicBindString() is applicable for argument types: (java.util.LinkedHashMap, java.util.HashMap) values: [[schemas:[urn:oracle:apps:scim:schemas:fa:1.0:Role], ...], ...]\nPossible solutions: getDynamicBindString(java.lang.String, java.util.Map)","status":"Failed"}}

{
"call": [
{
"name": "Role",
"connection": "acctAuth",
"url": "https://xxx.servername.test/hcmRestApi/scim/Roles/9E1BB7B40AE9409DB5444AFA9A9E7EF4",
"httpMethod": "PATCH",
"httpParams": {
"schemas": [
"urn:oracle:apps:scim:schemas:fa:1.0:Role"
],
"members": [
{
"value": "55BE3577A29CB7FEE0503B0AC1A11453",
"operation": "ADD"
}
]
},
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201
]
}
}
]
}

nimitdave · ‎11/28/2023

@shubhangsinha_ , can you verify in logs that the request body is created properly. You can get the request body in the log entry as "DEBUG rest.RestProvisioningService - Calling Webservice Url -" . The above log entry will be available only when you showLogs as true in custom config as below:

{
"showLogs": true
}

shubhangsinha_ · ‎11/28/2023

Hello Nimit here are the full logs and just for your information I modified the json so the error is different too, please find the json and the logs below -->

2023-11-29T04:16:00.889+00:00","ecm-worker","services.HttpClientUtilityService","quartzScheduler_Worker-10","DEBUG","timeout validated for api..."
"2023-11-29T04:16:00.889+00:00","ecm-worker","services.HttpClientUtilityService","quartzScheduler_Worker-10","DEBUG","got response for api..."
"2023-11-29T04:16:00.889+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG",""
"2023-11-29T04:16:00.889+00:00","ecm-worker","rest.RestUtilService","quartzScheduler_Worker-10","DEBUG","pullObjectsByRest - responseStatusCode ::400"
"2023-11-29T04:16:00.890+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","Entered getResponseHeaders method"
"2023-11-29T04:16:00.890+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","responseError : null"
"2023-11-29T04:16:00.890+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","isAuthError: false"
"2023-11-29T04:16:00.890+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","pullObjectsByRest - responseMap.size : 1"
"2023-11-29T04:16:00.890+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","pullObjectsByRest - objectList.size : 1"
"2023-11-29T04:16:00.890+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","ERROR","Call response: {"
"2023-11-29T04:16:01.492+00:00","ecm-worker","","",""," "Errors" : [ {"
"2023-11-29T04:16:01.492+00:00","ecm-worker","","",""," "description" : "Invalid, syntactically incorrect or unparseable input provided: 55BE3577A29CB7FEE0503B0AC1A11453","
"2023-11-29T04:16:01.492+00:00","ecm-worker","","",""," "code" : "400","
"2023-11-29T04:16:01.492+00:00","ecm-worker","","",""," "uri" : "urn:oracle:apps:scim:errors:1.0:input:invalid""
"2023-11-29T04:16:01.492+00:00","ecm-worker","","",""," } ]"
"2023-11-29T04:16:01.492+00:00","ecm-worker","","","","}"
"2023-11-29T04:16:00.892+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","ERROR","callResponseMap: [Errors:[[description:Invalid, syntactically incorrect or unparseable input provided: 55BE3577A29CB7FEE0503B0AC1A11453, code:400, uri:urn:oracle:apps:scim:errors:1.0:input:invalid]]]"
"2023-11-29T04:16:00.892+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","showResponse: null"
"2023-11-29T04:16:00.892+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","processWebservice - temp.status - Failed"
"2023-11-29T04:16:00.892+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","doBreak: true"
"2023-11-29T04:16:00.892+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","Enter encryptHeaders"
"2023-11-29T04:16:00.892+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","Exit encryptHeaders"
"2023-11-29T04:16:00.893+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","Task Response: {"auditDetails":{"Role":[{"headers":null,"message":{"Errors":[{"description":"Invalid, syntactically incorrect or unparseable input provided: 55BE3577A29CB7FEE0503B0AC1A11453","code":"400","uri":"urn:oracle:apps:scim:errors:1.0:input:invalid"}]},"statusCode":400,"description":null,"status":"Failed"},{"headers":null,"message":{"Errors":[{"description":"Invalid, syntactically incorrect or unparseable input provided: 55BE3577A29CB7FEE0503B0AC1A11453","code":"400","uri":"urn:oracle:apps:scim:errors:1.0:input:invalid"}]},"statusCode":400,"description":null,"status":"Failed"}]},"Role":{"headers":null,"message":{"Errors":[{"description":"Invalid, syntactically incorrect or unparseable input provided: 55BE3577A29CB7FEE0503B0AC1A11453","code":"400","uri":"urn:oracle:apps:scim:errors:1.0:input:invalid"}]},"statusCode":400,"description":null,"status":"Failed"}}"
"2023-11-29T04:16:00.893+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-10","DEBUG","Result: false"

Json-->

{
"call": [
{
"name": "Role",
"connection": "acctAuth",
"url": "https://test.oraclecloud.com/hcmRestApi/scim/Roles/9734DEAF735C4F0481B53A266D3485A3",
"httpMethod": "PATCH",
"httpParams": "{\"members\":[{\"${accountResponse!=null?accountResponse?.call1?.message?.id:account?.customproperty31}\":\"\",\"operation\":\"ADD\"}]}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
204,
200,
201
]
},
"unsuccessResponses": {
"statusCode": [
400,
403,
401,
404,
409,
501,
500
]
}
},
{
"name": "Security Context Type",
"connection": "acctAuth2",
"url": "https://test.oraclecloud.com/hcmRestApi/scim/Roles/Nowhere",
"httpMethod": "POST",
"httpParams": "{\"RoleName\":\"${entitlementValue.displayname}\"}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/vnd.oracle.adf.resourceitem+json",
"successResponses": {
"statusCode": [
204,
200,
201
]
},
"unsuccessResponses": {
"statusCode": [
400,
403,
401,
404,
409,
501,
500
]
}
},
{
"name": "Security Context Value",
"connection": "acctAuth2",
"url": "https://test.oraclecloud.com/hcmRestApi/scim/Roles/Nowhere",
"httpMethod": "POST",
"httpParams": "{\"RoleName\":\"${entitlementValue.displayname}\"}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/vnd.oracle.adf.resourceitem+json",
"successResponses": {
"statusCode": [
204,
200,
201
]
},
"unsuccessResponses": {
"statusCode": [
400,
403,
401,
409,
501,
500
]
}
},
{
"name": "Resource Organization",
"connection": "acctAuth2",
"url": "https://test.oraclecloud.com/hcmRestApi/scim/Roles/Nowhere",
"httpMethod": "POST",
"httpParams": "{\"RoleName\":\"${entitlementValue.displayname}\"}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/vnd.oracle.adf.resourceitem+json",
"successResponses": {
"statusCode": [
204,
200,
201
]
},
"unsuccessResponses": {
"statusCode": [
400,
403,
401,
409,
501,
500
]
}
},
{
"name": "Resource Role",
"connection": "acctAuth2",
"url": "https://test.oraclecloud.com/hcmRestApi/scim/Roles/Nowhere",
"httpMethod": "POST",
"httpParams": "{\"RoleName\":\"${entitlementValue.displayname}\"}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/vnd.oracle.adf.resourceitem+json",
"successResponses": {
"statusCode": [
204,
200,
201
]
},
"unsuccessResponses": {
"statusCode": [
400,
403,
401,
409,
501,
500
]
}
},
{
"name": "Procurement Access Value",
"connection": "acctAuth2",
"url": "https://test.oraclecloud.com/hcmRestApi/scim/Roles/Nowhere",
"httpMethod": "POST",
"httpParams": "{\"RoleName\":\"${entitlementValue.displayname}\"}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/vnd.oracle.adf.resourceitem+json",
"successResponses": {
"statusCode": [
204,
200,
201
]
},
"unsuccessResponses": {
"statusCode": [
400,
403,
401,
409,
501,
500
]
},
{
"showLogs": true
}
}
]
}

shubhangsinha_ · ‎12/05/2023

I used the below json as the first call and it worked -->

{
"call": [
{
"name": "Role",
"connection": "acctAuth",
"url": "https://testserver.oraclecloud.com/hcmRestApi/scim/Roles/${entitlementValue.entitlementID}",
"httpMethod": "PATCH",
"httpParams": "{\"members\":[{\"value\":\"${account?.customproperty31}\",\"operation\":\"ADD\"}]}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
204,
200,
201
]
},
"unsuccessResponses": {
"statusCode": [
400,
403,
401,
404,
409,
501,
500
]
}
}

Saviynt Forums

Add access json for Oracle REST connector