We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

Adding/removing Application Roles from user using REST API.

Anurag
Regular Contributor
Regular Contributor

We were using /createrequest API to add/remove all type of roles from user on Saviynt version 5.5SP3.06, recently we had an upgrade to 5.5SP3.13 and this API started to fail with error "Invalid role found in request.." while trying to request Application role.

 
Assuming this is the expected behavior of /createrequest API in new version, do we have any alternate API to request/remove application roles.
 
We are referring below api documentation.
 
Thanks
6 REPLIES 6

prasannta
Saviynt Employee
Saviynt Employee

The API should work in the new version too. Can you share the JSON you are sending while invoking the API?

Anurag
Regular Contributor
Regular Contributor
PrachiTestRole10 is an Application role, tried adding this using below payload by keeping "roletype":"APPLICATION".
 
{
"accesstype":"ROLES",
"username":"prachi_deshpande",
"roletype":"APPLICATION",
"requesttype":1,
"roles":[
    { 
"rolename" : "PrachiTestRole10"
} ],
"requestcomments":"test",
"requestor":"prachi_deshpande"
}
 
also tried using "roletype":"FIREFIGHTER" and "roletype":"ENTERPRISE", getting the same error for all payloads.
 
Anurag_0-1679330669069.png

 

prasannta
Saviynt Employee
Saviynt Employee

Are you seeing any errors in log? Also can you check if the role is active?

Manu269
All-Star
All-Star

@Anurag did you first try invoking Get Role Details to fetch the details?

I believe you need to pass the numeric value for Role Type.

Can you try this :

{
    "requesttype""ADD",
    "username""test1pcsqs",
    "endpoint""Workday",
    "securitysystem""Workday",
    "createnewaccounttaskifnotexist""TRUE",
    "entitlement": [
        {
            "entitlementtype""Security-Groups",
            "entitlementvalue""1099 Analyst",
            "startdate""12-23-2020",
            "enddate""12-30-2020",
            "businessjustification""test business justification"
        }
    ],
    "roles": [
        {
            "rolename""workdayapprole",
            "businessjustification""justified",
            "startdate""12-23-2020",
            "enddate""12-30-2020"
        }
    ],
    "checksod""true"
}
Regards
Manish Kumar
If the response answered your query, please Accept As Solution and Kudos
.

plakhangaonkar
New Contributor II
New Contributor II

@prachi , is your application role API issue resolved? I am facing similar issue. If resolved, could you please share the details.

Hi @plakhangaonkar,  please refer below postman documentation for this.

Anurag_0-1685633140669.png

 

Sharing the request payloads that worked for our use case.

Request to add role.

{
"requesttype": "ADD",
"username": "user2",
"endpoint": "card1",
"securitysystem": "card1",
"createnewaccounttaskifnotexist":"true",
"roles": [
{
"rolename": "Role2",
"businessjustification": "justified"
}
]
}

Request to remove role.

{
"requesttype": "REMOVE",
"username": "user2",
"endpoint": "card1",
"securitysystem": "card1",
"roles": [
{
"rolename": "Role2",
"businessjustification": "justified"
}
]
}

 

Anurag.