Saviynt Forums

Pratham · ‎10/14/2024

Hi Team,

I am using the addAccess Json as provided in the Azure AD connector guide. Use case is simple. I am using the ARS to place request for an Azure AD group which is of the entitlement type AADGroup in Saviynt.

{
"call": [
{
"name": "AADGroup",
"connection": "${connectionName}",
"url": "https://graph.microsoft.com/v1.0/groups/${entitlementValue.entitlementID}/members/\\$ref",
"httpMethod": "POST",
"httpParams": "{\"@odata.id\":\"https://graph.microsoft.com/v1.0/directoryObjects/${account.accountID}\"}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201,
204,
205
]
}
}
]
}

The request gets submitted and the task was created But, when I run the provisioning job, the following error comes up:

{"auditDetails":{"AADGroup":[{"headers":null,"message":{"error":{"code":"Request_ResourceNotFound",
"message":"Resource 'a0000e86-4c39-0060-92c4-5999999' does not exist or one of its queried
 reference-property objects are not present.","innerError":{"date":"2024-10-14T09:14:58",
"request-id":"100041ae-be40-4dd5-a74d-b00000085","client-request-id":
"100000ae-be40-4dd5-a74d-bc7d0000005"}}},"statusCode":404,"description":null,"status":"Failed"},

NM · ‎10/14/2024

@Pratham does the entitlement exist in azure?

Pratham · ‎10/14/2024

Hi @NM ,

Yes, it exists in Azure AD.

NM · ‎10/14/2024

@Pratham is it working from postman share ss

Pratham · ‎10/14/2024

I didn't try this through Postman, I only tested it through ARS.

NM · ‎10/14/2024

@Pratham

Try this

"call": [{

"name": "AADGroup",

"connection": "userAuth",

"url": "https://graph.microsoft.com/v1.0/groups/${entitlementValue.entitlementID}/members/\\$ref",

"httpMethod": "POST",

"httpParams": "{\"@odata.id\":\"https://graph.microsoft.com/v1.0/directoryObjects/${account.accountID}\"}",

"httpHeaders": {

"Authorization": "${access_token}"

},

"httpContentType": "application/json",

"successResponses": {

"statusCode": [

200,

201,

204,

205

]

}

}]}

Share logs if doesn't work.

Pratham · ‎10/14/2024

Hi @NM ,

I tried with "connection": "userAuth", but it's not working.

NM · ‎10/14/2024

@Pratham share logs

When used connection name as dynamic variable.

Manu269 · ‎10/14/2024

@Pratham hope you are referring from here : Configuring the Integration for Provisioning and Deprovisioning (saviyntcloud.com)

We tested and its working.

Regards
Manish Kumar
If the response answered your query, please Accept As Solution and Kudos
.

rushikeshvartak · ‎10/14/2024


Request_ResourceNotFound - means AAD Group is not exists in Azure AD, Please test with group which is there in AAD

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Saviynt Forums

Add Access task for Azure AD failing