Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Connection JSON for Authentication Type - Bearer token

sunrashinkar
New Contributor
New Contributor

{
"authentications": {
"acctAuth": {
"authType": "Bearer",
"httpMethod": "POST",
"httpParams": {},
"httpHeaders": {
"Authorization": "Bearer <initial_token>"
},
"httpContentType": "application/json",
"properties": {
"refreshToken": "<your_refresh_token>",
"refreshUrl": "<url_to_refresh_token>"
},
"authError": [
"InvalidAuthenticationToken",
"Couldn’t authenticate you",
"AuthenticationFailed"
],
"errorPath": "error",
"retryFailureStatusCode": [
401
],
"maxRefreshTryCount": 5,
"tokenExpiry": "1800",
"tokenAutoRefresh": true
}
}
}

 

I have the following questions:

Q 1) Based on my understanding after reading the rest connector guide. Is the above connection JSON correct for Authentication type Bearer token?
Q 2) Can we remove the "properties" section which talks about refresh token and refresh URL if our bearer token is going to expire only after 12 months and needs to be generated manually?
Q 3) Can we remove these 3 parameters from the above JSON ("maxRefreshTryCount", "tokenExpiry", "tokenAutoRefresh") since we are not going to refresh the tokens?
Q 4) If the above JSON is not correct what connection JSON should we use that uses bearer token as authentication type?

9 REPLIES 9

rushikeshvartak
All-Star
All-Star

Q 1) Based on my understanding after reading the rest connector guide. Is the above connection JSON correct for Authentication type Bearer token? - Yes  Refer more 

https://docs.saviyntcloud.com/bundle/REST-v24x/page/Content/Developers-Handbook.htm 

 

{
  "authentications": {
    "userAuth": {
      "authType": "oauth2",
      "url": "https://<domain name>/api/v18.2/auth",
      "httpMethod": "POST",
      "httpParams": {
        "username": "<Username>",
        "password": "<Password>"
      },
      "httpHeaders": {
        "contentType": "application/x-www-form-urlencoded"
      },
      "httpContentType": "application/x-www-form-urlencoded",
      "expiryError": "ExpiredAuthenticationToken",
      "authError": [
        "InvalidAuthenticationToken",
        "AuthenticationFailed",
        "FAILURE",
        "INVALID_SESSION_ID"
      ],
      "timeOutError": "Read timed out",
      "errorPath": "errors.type",
      "maxRefreshTryCount": 5,
      "tokenResponsePath": "sessionId",
      "tokenType": "Bearer",
      "accessToken": "<access token>"
    }
  }
}

 


Q 2) Can we remove the "properties" section which talks about refresh token and refresh URL if our bearer token is going to expire only after 12 months and needs to be generated manually?

Based on parameters send from Postman you need to modify properties section if thats not required.


Q 3) Can we remove these 3 parameters from the above JSON ("maxRefreshTryCount", "tokenExpiry", "tokenAutoRefresh") since we are not going to refresh the tokens?

tokenAutoRefreshNot required 
maxRefreshTryCount

Specify number of times to retry the token refresh if it gets an unauthorized error such as 401 or 403.

The default value is 5. 

tokenExpiryNot required 
  

maxRefreshTryCount parameters is required.

Meaning of each one mention below

https://docs.saviyntcloud.com/bundle/REST-v24x/page/Content/Examples-for-JSON-Construction.htm 


Q 4) If the above JSON is not correct what connection JSON should we use that uses bearer token as authentication type?

Refer json share above in Q1


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Thank you for your response. I just had one follow up question if you could please help me with it.
Q1) Our client has not given us Username and password and is only using bearer token for authentication, and it works in postman. So, in this case what will our connection JSON look
like? Here is Another sample of connection JSON we tried using, could you please let us know if this is alright in our case?                                                                                                                                                              {
"authentications": {
"acctAuth": {
"authType": "cookies",
"url": "https://{{serverName}}/api/Authentication/LogonAndReturnCookie?api-version={{version}}",
"httpMethod": "POST",
"httpParams": {
"BaseWebServerUrl": "https://<.....>",
"ApplicationName": "<application Name>"
},
"httpHeaders": {
"contentType": "application/json"
},
"cookies": "${cookies}",
"properties": {
"apiKey": "${apiKey}"
},
"httpContentType": "application/json",
"expiryError": "ExpiredAuthenticationToken",
"timeOutError": "Read timed out",
"errorPath": "code",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"accessToken": "<access token>",
"retryFailureStatusCode": [
500,
502,
401
]
}
}
}

You need username and password access token will expire after some time, whats the validity of token


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

The access token is valid for a year and later is generated manually when it is expired.

Try below connection json

 

Spoiler
{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"url": "https://{{serverName}}/api/Authentication/LogonAndReturnCookie?api-version={{version}}",
"httpMethod": "POST",
"httpParams": {
"BaseWebServerUrl": "https://<.....>",
"ApplicationName": "<application Name>"
},
"httpHeaders": {
"contentType": "application/json"
},
"cookies": "${cookies}",
"properties": {
"apiKey": "${apiKey}"
},
"httpContentType": "application/x-www-form-urlencoded",
"authError": [
"InvalidAuthenticationToken",
"AuthenticationFailed",
"Must authenticate to access this API."
],
"retryFailureStatusCode": [
401,
403
],
"errorPath": "error.message",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"authHeaderName": "Authorization",
"accessToken": "Bearer abcd",
"token" :"1yeartoken"

}
}
}

and in import and other json

"Authorization" :"Bearer ${connection.token}"


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Hello,
Thank you for your response. I will try this JSON but I just had one question about what you mentioned about using "Authorization" :"Bearer ${connection.token}" for
import and other JSON. Where do we get "connection.token" from as it is nowhere mentioned in the JSON provided above? 

Thank you.

rushikeshvartak_0-1706931505092.png

 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Hello, thank you for your response. We used the following connection JSON as advised.

Connection JSON

{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"url": https://{{serverName}}/api/Authentication/LogonAndReturnCookie?api-version={{version}},
"httpMethod": "POST",
"httpParams": {
"BaseWebServerUrl": https://<.....>,
"ApplicationName": "<application Name>"
},
"httpHeaders": {
"contentType": "application/json"
},
"cookies": "${cookies}",
"properties": {
"apiKey": "${apiKey}"
},
"httpContentType": "application/x-www-form-urlencoded",
"authError": [
"InvalidAuthenticationToken",
"AuthenticationFailed",
"Must authenticate to access this API."
],
"retryFailureStatusCode": [
401,
403
],
"errorPath": "error.message",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"authHeaderName": "Authorization",
"accessToken": "Bearer abcd",
"token" :"1yeartoken"

}
}
}

And we used the following create account JSON with this connection JSON.
CREATE ACCOUNT JSON

{
"accountIdPath": "call1.message.id",
"call": [
{
"name": "call1",
"connection": "acctAuth",
"url": "https://cddd.com/api/DataManagement/ExecuteSequence?api-version=11111",
"httpMethod": "POST",
"httpParams": "{\"BaseWebServerUrl\": \"https://<...........>\",\"ApplicationName\": \"<app name>\",\"SequenceName\": \"REST_CreateProvisionRequest_PRM\",\"CustomSubstVarsAsCommaSeparatedPairs\": \"PRM_REST_Type\"=\"AddUser\", \"PRM_REST_Inputs\"=[\"UserName\"=\"TestSaviynt\", \"Email\"=\"TestSaviynt@test.user\", \"ExternalAuthProviderName\"=\"<.....>\"], \"PRM_REST_Source\"=\"REST\",\"PRM_REST_RequestSource=REST\"}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [200, 201, 204]
},
"unsuccessResponses": {
"statusCode": [302, 400, 403, 401, 404, 501, 500]
}
}
]
}

But we are still facing the same error. Following is the error we are facing. Could you please check and let us know where we could be wrong?

Error

{"auditDetails":{"call1":[{"message":"Unexpected character ('=' (code 61)): was expecting comma to separate Array entries\n at
[Source: {\"BaseWebServerUrl\": \"https://<.......>\",\"ApplicationName\": \"<app name>\",\"SequenceName\":
\"REST_CreateProvisionRequest_PRM\",\"CustomSubstVarsAsCommaSeparatedPairs\": [\"PRM_REST_Type\"=\"AddUser\", \"PRM_REST_Inputs\"=[\"UserName\"=\"TestSaviynt\",
"Email\"=\"TestSaviynt@test.user\", \"ExternalAuthProviderName\"=\"<......>\"], \"PRM_REST_Source\"=\"REST\",\" PRM_REST_RequestSource=REST\"\"]}; line: 1, column: 226]",
"status":"Failed"},

{
  "accountIdPath": "call1.message.id",
  "call": [
    {
      "name": "call1",
      "connection": "acctAuth",
      "url": "https://cddd.com/api/DataManagement/ExecuteSequence?api-version=11111",
      "httpMethod": "POST",
      "httpParams": {
        "BaseWebServerUrl": "https://<...........>",
        "ApplicationName": "<app name>",
        "SequenceName": "REST_CreateProvisionRequest_PRM",
        "CustomSubstVarsAsCommaSeparatedPairs": "PRM_REST_Type=AddUser",
        "PRM_REST_Inputs": [
          "UserName=TestSaviynt",
          "Email=TestSaviynt@test.user",
          "ExternalAuthProviderName=<.....>"
        ],
        "PRM_REST_Source": "REST",
        "PRM_REST_RequestSource": "REST"
      },
      "httpHeaders": {
        "Authorization": "${access_token}"
      },
      "httpContentType": "application/json",
      "successResponses": {
        "statusCode": [200, 201, 204]
      },
      "unsuccessResponses": {
        "statusCode": [302, 400, 403, 401, 404, 501, 500]
      }
    }
  ]
}

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.