Saviynt Forums

Hi Sudesh - thanks for reverting.

i can see following three lines in below given sequence in logs, repeating after every few seconds (~30). 

3) bouncer-{"log":"{\"log.level\":\"error\",\"@timestamp\":\"\",\"log\":{\"logger\":\"elastic-apm-node\"},\"ecs\":{\"version\":\"x.y"},\"message\":\"APM Server transport error (ECONNREFUSED): connect ECONNREFUSED 127.0.0.1:8200\"}\n","stream":"stdout","time":""}
2) ecm-{"log":"DEBUG auth.LoginController - Elastic server status check::\n","stream":"stdout","time":""}
1) ecm-{"log":"DEBUG auth.LoginController - Elastic server Start time:::1695686414097\n","stream":"stdout","time":""}

To answer your other questions, there was no upgrade / change done in last 3-4 months. Also, we haven't setup any jobs so far. Few jobs like DefaultEndpointSyncTrigger / DefaultEndpointDeltaSyncTrigger are executing every few minutes/hours so definitely not related to this event.

One more thing is, it started happening recently like from last 3-4 days. before that i couldn't find any such pattern in logs.

Hi @sudeshjaiswal issue was resolved after upgrade. thanks for your assistance.

can i also request you to look into this forum post? Need urgent attention from Saviynt experts on it.

https://forums.saviynt.com/t5/identity-governance/cyberark-vault-connector-issue/m-p/54036#M32656

Hi @sudeshjaiswal - i think i couldn't understand what you mean. There is no option in CyberArk vault connector (conection type="CyberArk") to configure connection json.

Here are the list off configurations and screenshots which i have done in Saviynt to Inject credentials from CyberArk vault to REST connector for a target system (for ex ServiceNow).

1) Check "CyberArk_Vault_Config.JPG" for cyberark vault connection

2) Check "REST_Connector_Config.JPG" for REST connection for target application

3) In REST connector, check "REST_Connector_Advanced_Config.JPG" for Advanced button config.

Now there are following two things where i am stuck:

1. CyberArk vault login url "/PasswordVault/API/auth/Cyberark/Logon" which is working fine with given credentials in postman (outside saviynt) but the same is not working in Saviynt and giving 401 authentication error. This leads me to a confusion that which type of Authorization is expected for CyberArk vault connector. Its not basic auth because thats what i have tried by providing username and password on vault connector (as you can see in attached image). So it could be any other auth type like OAuth 2.0 or OpenID connect or aything else. Can you confirm on this please?
2. In REST connector, What will be the "ConnectionJSON" configuration if credentials are pulled from vault? Didn't find any example on the document link. For this one, if you are suggesting to have basic auth then the ConnectionJson configuration in REST connector would look like this

{
"authentications": {
"userAuth": {
"authType": "Basic",
"url": "https://domain/PasswordVault/API/Auth/CyberArk/Logon",
"httpMethod": "POST",
"httpParams": {},
"httpHeaders": {},
"properties": {
"userName": "{userid}",
"password": "{pwd}"
},
"httpContentType": "text/html",
"expiryError": "ExpiredAuthenticationToken",
"retryFailureStatusCode": [401],
"authError": [
"Internal server error"
],
"timeOutError": "Read timed out",
"errorPath": "error.message",
"maxRefreshTryCount": 5,
"tokenResponsePath": "",
"tokenType": "Basic",
"accessToken": "Basic token_value"
}
}
}

but then this means, REST connector is not fetching password from CyberArk vault as configured but instead using the accessToken mentioned in connectionjson to authorize subsequent calls. so then whats the use of CyberArk vault connector? 

I have tried to cover everything here but please let me know if you require any further information.

Regards

Gaurav

Hi @sudeshjaiswal any updates on my last post w.r.t CyberArk vault issue?