Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ConnectionJSON-Access token is not regenerated

Puspanjali
New Contributor II
New Contributor II

‎04/08/2024 03:52 AM

Hi Team

We are trying to built the rest connection for ticketing application.

During the ticket creating it's failing with authentication error

Puspanjali_1-1712572699382.png

 

I investigated issue, If I fill the "accessToken" manually on connectionjson by using postman value, then it's working.

I believe during ticket creation ,it's not able to create new accesstoken.

In the postman response, we can see the accesstoken directly.

Could Team help me with some suggestion to fix the connection JSON.

This is the Postman Response for token

Puspanjali_0-1712572325644.png

Puspanjali_2-1712573199844.png

 

 

ConnectionJSON

{
"authentications": {
"ITSMAuth": {
"authType": "oauth2",
"showResponse": true,
"url": "https://xxxxxxxxxxxxxxxxxxxxxxxxx/api/v2/authen",
"httpParams":
{
"username": "xxxxxxxxxxxx",
"password": "xxxxxxxxxxx"
},
"httpHeaders": {
"Content-Type": "application/x-www-form-urlencoded"
},
"authError": [
"Authentication failed"
],
"httpMethod": "POST",
"httpContentType": "application/x-www-form-urlencoded",
"errorPath": "messageText",
"maxRefreshTryCount": 3,
"timeOutError": "Read timed out",
"tokenResponsePath": "",
"tokenType": "",
"accessToken": "",
"retryFailureStatusCode": [
401
]
}
}
}

CreateTicketJson

{
"call": [
{
"name": "call1",
"connection": "ITSMAuth",
"showResponse": true,
"url": "https://xxxxxxxxxxxxxxxxxxxxxxxxxxxx/api/v2/ticket",
"httpMethod": "POST",
"httpParams": "{\"values\": {\"First_Name\": \"Lotus\",\"Last_Name\": \"Integration User\",\"Description\": \"Test access card request\",\"Detailed_Description\": \"This is Service Ticket\",\"Affected_Current_Site\": \"Head Office\",\"Assigned Support Company\": \"Lotus's\",\"Assigned Support Organization\": \"EUC\",\"Assigned Group\": \"THL3 IT Security Identity Mgmt\",\"Impact\": \"3000\",\"Urgency\": \"3000\",\"Reported Source\": \"API\",\"Service_Type\": \"Service\",\"Product Categorization Tier 1\": \"Hardware Software Services\",\"Product Categorization Tier 2\": \"Microsoft Application\",\"Product Categorization Tier 3\": \"Microsoft Outlook - Calendar\"}}",
"httpHeaders": {
"Authorization": "${access_token}",
"contentType": "application/json"
},
"httpContentType": "application/json",
"ticketidPath": "values.Incident Number",
"successResponses": {
"statusCode": [
200,
201
]
}
}
]
}

Labels:
0 Kudos
6 REPLIES 6

NikitaPawar_
New Contributor II
New Contributor II

‎04/08/2024 10:09 AM - last edited on ‎04/09/2024 12:05 AM by Community Manager

Hello Pushpanjali,

You using Incorrect authentication type 

When we are using Username and Password as credential in API's it is Basic Authentication type
and You using ouath2 as authentication type.

Here I will sharing Correct JSONs,

Connection JSON 

{

"authentications": {

"acctAuth": {

"authType": "Basic",

"url": "https://removed.com/api/tbng4/custom_service_catalog_api/cat_item/6b8cd3******************* ",

"httpMethod": "POST",

"httpHeaders": {

"content-Type": "application/json" },

"properties": {

"userName": "*********",

"password": "********" },

"httpContentType": "application/json",

"expiryError": "ExpiredAuthenticationToken",

"retryFailureStatusCode": [401],

"authError": [

"Internal server error" ],

"timeOutError": "Read timed out",

"errorPath": "message",

"maxRefreshTryCount": 5,

"tokenResponsePath": "access_token",

"tokenType":"Basic YWRta********* " }

}
}

NOTE : "tokenType":"Basic YWRta********* " }  Token type encoded from BASE 64 by using credentials like username and password of instance

Create Ticket JSON: 

{

"accountIdPath":"call1.message.result.task_effective_number",

"call": [

{

"name": "call1",

"connection": "acctAuth",

"url": "https://removed.service-now.com/api/now/table/incident ",

"httpMethod": "POST",

"httpParams": "{\"bp_id\":\"$user.username\",\"name\":\"$user.firstname\",\"assigned_to\":\"Manifah Masood\",\"email\":\"$user.email\",\"permissions\": \"${allEntitlementsValues}\"}",

"httpHeaders": {

"Authorization": "${access_token}"

},

"httpContentType": "application/json",

"ticketidPath": "result.task_effective_number",

"unsuccessResponses": {

"message": ""

}

}

]

}

 

If this helps your question, please consider selecting Accept As Solution and hit Kudos

Best,
Nikita Pawar

[This message has been edited by moderator to disable url hyperlink]
0 Kudos

Puspanjali
New Contributor II
New Contributor II
In response to NikitaPawar_

‎04/09/2024 01:25 AM

Hi Nikita,

Thanks for the suggestion.

Initially, I used the Basic, but I received the same error"authentication error" as mentioned above.

I believe both Basic and oauth2 are failing because I didn't add any "tokenResponsePath" in the connection JSON.

I'm not sure which value I should add in the "tokenResponsePath".Because if we see the POSTMAN response for the token, there is no path, it's a direct response

Puspanjali_0-1712649132772.png

Puspanjali_1-1712650507339.png

Could you please provide some suggestions related to "tokenResponsePath" or how I can add the response of connectionJSON directly in the AuthorizationHeader of ticketCreateJSON?

0 Kudos

rushikeshvartak
All-Star
All-Star

‎04/08/2024 01:11 PM

Please share create ticket postman screenshot. 


Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.
0 Kudos

Puspanjali
New Contributor II
New Contributor II
In response to rushikeshvartak

‎04/09/2024 01:31 AM

Hi Rishikesh

It's a two-call process.

1.Call1 : To  generate a token

Puspanjali_2-1712651189804.png

2.Call 2 : create the ticket using that token on the authorization header.

Puspanjali_3-1712651325073.png

curl --location 'https://xxxxxxxxxxxxxxxxxxxxxxxxxxx/api/v2/ticket' \
--header 'Authorization: Basic eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJVVkRFU0siLCJpYXQiOjE3MTI2MzM0NDYsImV4cCI6MTcxMjY2MjI0NiwianRpIjoibG90dXNfcHJvZCJ9.epRiB673f2ltaQxOuYLP3UQw4tjLNMRzGoeB2Aay8sE' \
--header 'Content-Type: application/json' \
--header 'Cookie: PHPSESSID=7dcgurg0hm59gg1masnnfj2jsu; sf_redirect=%7B%22token%22%3A%22688765%22%2C%22route%22%3A%22app_api_v2_ticket_create%22%2C%22method%22%3A%22POST%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CApi%5C%5CV2%5C%5CTicketApi%22%2C%22method%22%3A%22create%22%2C%22file%22%3A%22%5C%2Fvar%5C%2Fwww%5C%2Fuvdesk%5C%2Fsrc%5C%2FApi%5C%2FV2%5C%2FTicketApi.php%22%2C%22line%22%3A29%7D%2C%22status_code%22%3A201%2C%22status_text%22%3A%22Created%22%7D' \
--data '{
"values": {
"First_Name": "xxxx",
"Last_Name": "Integration User",
"Description": "Please create access card request",
"Detailed_Description": "This is Service Ticket",
"Affected_Current_Site": "Head Office",
"Assigned Support Company": "xxxxxx",
"Assigned Support Organization": "EUC",
"Assigned Group": "THL3 IT Security Identity Mgmt",
"Impact": "3000",
"Urgency": "3000",
"Reported Source": "API",
"Service_Type": "Service",
"Product Categorization Tier 1": "Hardware Software Services",
"Product Categorization Tier 2": "Microsoft Application",
"Product Categorization Tier 3": "Microsoft Outlook - Calendar"
}
}'

 

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to Puspanjali

‎04/09/2024 07:39 PM

Change token type to basic in connection json


Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.
0 Kudos

Falcon
Saviynt Employee
Saviynt Employee

‎04/08/2024 07:31 PM

Disclaimer -This response is created by AI and may not be accurate. Please verify the information before use. Your feedback helps us improve.

Based on the details you've provided and the authentication error that's occurring, it seems there's an issue with how the accessToken is being handled during the ticket creation process. To address this, we should ensure that the accessToken is being dynamically obtained and refreshed as needed within the ConnectionJSON.

Your ConnectionJSON should have a section that handles the OAuth2 token retrieval and refresh if OAuth2 is the authentication method used by your ticketing application. Since you mentioned that manually inserting the accessToken obtained from Postman makes it work, it suggests that the current setup does not dynamically obtain or refresh the token correctly.

Here's an outline of how you might structure your ConnectionJSON to handle OAuth2 authentication dynamically:

 

{
  "authentications": {
    "ITSMAuth": {
      "authType": "oauth2",
      "showResponse": true,
      "url": "https://<ticketing_application_base_url>/api/v2/authen",
      "httpParams": {
        "username": "<username>",
        "password": "<password>"
      },
      "httpHeaders": {
        "Content-Type": "application/x-www-form-urlencoded"
      },
      "authError": [
        "InvalidAuthenticationToken",
        "AuthenticationFailed"
      ],
      "httpMethod": "POST",
      "httpContentType": "application/x-www-form-urlencoded",
      "errorPath": "error",
      "maxRefreshTryCount": 3,
      "timeOutError": "Read timed out",
      "tokenResponsePath": "access_token_path_in_response",
      "tokenType": "Bearer",
      "accessToken": "",
      "retryFailureStatusCode": [401]
    }
  }
}

 

Please replace <ticketing_application_base_url>, <username>, and <password> with the actual values from your environment. Also, you need to adjust the "tokenResponsePath" to match the path in the JSON response from your ticketing application where the accessToken is provided.

With this ConnectionJSON, when a ticket creation request is initiated, the REST Connector should first check if an accessToken is needed and if the current token is valid. If a new token is required, it should authenticate using the provided endpoint and credentials, retrieve a new token, and proceed with the ticket creation API call.

Ensure you have the correct endpoint URL, credentials, and token path based on your ticketing application's API documentation. Also, be sure to handle the refresh token logic if your OAuth2 implementation requires it.

0 Kudos
Copyright © 2024 Khoros, LLC