Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

API & Local Authentication

Go to solution
SBUK
New Contributor III
New Contributor III

‎02/21/2023 07:01 AM

Hi,
I'm attempting to use the API with which to upload some CSVs.  I saw an API user already created: SAVIyntXXXXX
 
Tried using it via the API but get "(401) Unauthorized"
 
Having looked at the account I see 
LOCALAUTHENABLED false
 
Can anyone advise how to enable the account for local authentication (which i assume it requires for API usage.)
 
Also, anyone you advise if it is possible to use the API with SSO or a certificate?   Having an API accessible from anywhere with a simple username/password isn't acceptable security wise.  Please advise if there are any other options for securing (E.g. by IP)
 
Thanks,
SB
Labels:
0 Kudos
5 REPLIES 5

Go to solution
ParitaSavla
Saviynt Employee
Saviynt Employee

‎02/21/2023 10:37 AM

Checks to make for a user that you are going to use for Authentication is 

  • User should be Active
  • Password should be correct and passwordexpired field should be false
  • The user should have Admin Sav role.

Go to solution
saikanumuri
Saviynt Employee
Saviynt Employee

‎02/21/2023 11:45 AM

This appears to be a password issue.

Along with what parita already mentioned, please also make sure the localauthenabled flag is set to true while resetting the password.

You can enable this flag by calling the updateuser API and below is the screenshot for your reference.

saikanumuri_0-1677008459402.png

For Cert-based authentication, we already have an enhancement. Please refer to https://ideas.saviynt.com/ideas/EIC-I-2798

0 Kudos

Go to solution
SBUK
New Contributor III
New Contributor III
In response to saikanumuri

‎02/21/2023 11:57 AM

Thanks for your replies.

Password definitely correct.

How can I update the property via API without a working local auth account?

0 Kudos

Go to solution
saikanumuri
Saviynt Employee
Saviynt Employee

‎02/21/2023 05:18 PM

you should be able to use the admin account that was provided at the time of setting up the instance.

If there is no access to any local accounts that can be used to make the API calls, please run the custom query job with the below query to update the flag.(Note: CustomQuery is planned to be deprecated in the future versions)

update users set passwordexpired=0, localauthenabled=1 where username='SAVIyntXXXXX'

If you are still seeing a 401 error, then reset the password from UI and again execute the above query and try it

Go to solution
SBUK
New Contributor III
New Contributor III

‎02/22/2023 09:04 AM

Thanks - Used the Custom query.

0 Kudos
Copyright © 2024 Khoros, LLC