and more in a single search tool across platforms. Read the announcement here. |
03/29/2024 06:07 AM - edited 03/29/2024 06:23 AM
Greetings,
I am working on a REST Connection and having troubles with the authentication.
So it is a Basic Authorization with a username and password. In postman I add username and password under authorization tab and pass the payloads in body and it works. I am able to create users in target through postman so the username and password is correct. As it is a Basic Type connection no tokens are generated.
In Saviynt:
ConnectionJSON (1.1):
{
"authentications": {
"acctAuth": {
"authType": "Basic",
"url": "XXXXX",
"httpMethod": "POST",
"httpParams": {},
"httpHeaders": {},
"httpContentType": "application/xml",
"properties": {
"userName":"XXXXX",
"password":"XXXXX"
},
"expiryError": "ExpiredAuthenticationToken",
"authError": [
"InvalidAuthenticationToken",
"AuthenticationFailed"
],
"timeOutError": "Read timed out",
"testname": "<test URL>",
"errorPath": "error.code",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Basic",
"accessToken": "Basic <<TOKEN>>",
"apiRateLimitConfig": {"retryAfterCalls": 100,"retryWaitSeconds": 60}
}
}
}
ConnectionJSON (1.2):
{
"authentications": {
"acctAuth": {
"authType": "Basic",
"url": "XXXXX",
"httpMethod": "POST",
"httpParams": {},
"httpHeaders": {},
"httpContentType": "application/xml",
"properties": {
"userName":"XXXXX",
"password":"XXXXX"
},
"expiryError": "ExpiredAuthenticationToken",
"authError": [
"InvalidAuthenticationToken",
"AuthenticationFailed"
],
"timeOutError": "Read timed out",
"errorPath": "error.code",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Basic",
"accessToken": "Basic abcd",
"apiRateLimitConfig": {"retryAfterCalls": 100,"retryWaitSeconds": 60}
}
}
}
When using any of these 2 JSON's the connection is SUCCESSFUL but I am getting this error:
"DEBUG","Got null response statusCode with erroMsg - [error:Error XXXX-dev.cloud.XXXXX.XX.com: No address associated with hostname]"
ConnectionJSON(2.0):
{
"authentications": {
"acctAuth": {
"authType": "Basic",
"url": "XXXXX",
"httpMethod": "POST",
"httpParams": {
"username":"XXXXX",
"password":"XXXXX"
},
"httpHeaders": {},
"httpContentType": "application/xml"
},
"expiryError": "ExpiredAuthenticationToken",
"authError": [
"InvalidAuthenticationToken",
"AuthenticationFailed"
],
"timeOutError": "Read timed out",
"errorPath": "error.code",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Basic",
"accessToken": "Basic abcd",
"apiRateLimitConfig": {"retryAfterCalls": 100,"retryWaitSeconds": 60}
}
}
and when I am using this JSON the connection is FAILING and I am getting this error:
Could not find matching constructor for: java.util.HashMap(java.lang.String)
Cannot cast object 'ExpiredAuthenticationToken' with class 'java.lang.String'
CreateAccountJSON :
{
"accountIdPath": "call1.message.data.id",
"call": [
{
"name": "call1",
"connection": "acctAuth",
"showResponse": true,
"url": "XXXXX",
"httpMethod": "POST",
"httpHeaders": {
"Authorization": "${connection.accessToken}",
"Content-Type": "application/xml",
"Accept": "*/*"
},
"httpParams": "<Transmission xmlns=\"URL\"><TransmissionBody><XXX:GLogXMLElement><User><GlUserGid><Gid><Xid>${users.username}</Xid></Gid></GlUserGid><Nickname>${users.displayname}</Nickname><UserPassword><NewPassword><GlPassword><TextPassword>${users.customproperty65}</TextPassword></GlPassword></NewPassword></UserPassword></User></XXX:GLogXMLElement><GLogXMLElement><Contact><EmailAddress>${users.email}</EmailAddress><FirstName>${users.firstname}</FirstName><LastName>${users.lastname}</LastName></Contact></GLogXMLElement></TransmissionBody></Transmission>",
"httpContentType": "application/xml",
"successResponses": {
"statusCode": [
201,
200,
204
]
}
}
]
}
Can someone guide me on this?
03/29/2024 10:04 AM
03/29/2024 11:51 AM
Based on the details you've provided, there are a few key points to address to help resolve the issues you're encountering with your REST Connection for Basic Authentication in Saviynt.
For Basic Authentication, the "accessToken" should be a Base64 encoded string of username:password. You don't need to include accessToken explicitly if it's not used as part of the header in the API requests, as you're including the Authorization header directly in your CreateAccountJSON.
In your CreateAccountJSON, you've correctly included the Authorization header. However, make sure that ${connection.accessToken} is properly replaced with a Base64 encoded value of your username:password.
Ensure correct Base64 encoding: The accessToken field should contain the Base64 encoded value of username:password. For Basic Authentication, this is typically generated outside the system (as you've done with Postman) and then included in your configuration. You can use online tools or a programming language to encode your credentials to Base64.
Adjust the ConnectionJSON: Given that you're using Basic Authentication, the connection JSON should focus on specifying the httpHeaders for the Authorization correctly. However, since the header might be set in each individual call (like in CreateAccountJSON), the focus in ConnectionJSON should be on the structure and common properties that don't change across calls.
Considering the error messages and your current setup, here's a revised approach to your ConnectionJSON focusing on structure and leaving the dynamic Authorization header handling to individual call JSONs like your CreateAccountJSON.
{
"authentications": {
"acctAuth": {
"authType": "Basic",
"properties": {
"userName": "XXXXX",
"password": "XXXXX"
},
"httpContentType": "application/xml",
"expiryError": "ExpiredAuthenticationToken",
"authError": [
"InvalidAuthenticationToken",
"AuthenticationFailed"
],
"timeOutError": "Read timed out",
"errorPath": "error.code",
"maxRefreshTryCount": 5,
"apiRateLimitConfig": {
"retryAfterCalls": 100,
"retryWaitSeconds": 60
}
}
}
}
Note: This configuration doesn't explicitly set accessToken since the Authorization header will be managed at each call level, as seen in your CreateAccountJSON.
Ensure that all sensitive information like userName and password are correctly entered and that any Base64 encoding is done correctly. Test your endpoint accessibility and credentials outside of Saviynt first (which you've done with Postman) to ensure the basic connectivity and authentication are functioning as expected before moving to integration testing within Saviynt.