Saviynt Forums

Kumat · ‎05/16/2023

I'm using REST connector to create account and add access when i try to execute from postman it works as expected.

I have modified create account JSON and Add access JSON as per saviynt standards following examples from this link : Examples for JSON Construction (saviyntcloud.com)

Here are the JSON's

CreateAccountJSON:

{
"call": [{
"name": "call1",
"connection": "userAuth",
"url": "https://api.cloudflare.com/client/v4/accounts/09fd3a16b2b05b606bff7d91b2b9a4d7/members",
"httpMethod": "POST",
"httpParams": {
"user": {
"email": "${user.email}",
"status": "pending",
"roles": [
"${entitlementValue.entitlementID}"
]
},
"httpHeaders": {
"ContentType": "application/json",
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200
]
}
}
}]
}

AddAccessJSON:

{
"call": [{
"name": "call1",
"connection": "userAuth",
"url": "https://api.cloudflare.com/client/v4/accounts/09fd3a16b2b05b606bff7d91b2b9a4d7/members/${account.acc...}",
"httpMethod": "PUT",
"httpParams": {
"accounts": {
"accountName": "${account.accountID}",
"status": "pending",
"roles": "${entitlementValue.entitlementID}"
}
},
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201
]
},
"unsuccessResponses": {
"statusCode": [
400,
401,
404,
405,
500
]
}
}]
}

But when tasks are created and picked up by provisioning jobs tasks fails with error. Attached is the log error.

Thank you in advance.

sudeshjaiswal · ‎05/16/2023

Hello @Kumat,

Could you please confirm if you are populating the `accountIdPath` within the `CreateAccountJSON` parameter to ensure the successful completion of the task? This particular parameter is utilized for creating accounts in the target application, and it is crucial to include the necessary information in `accountIdPath` within the `CreateAccountJSON` parameter in order to achieve a successful outcome.

Please refer below document:-
https://docs.saviyntcloud.com/bundle/REST-v55x/page/Content/Developers-Handbook.htm

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Kumat · ‎05/17/2023

No. I'm not populating the 'accountidPath'. Here is the JSON i'm using for create account JSON.

{
"call": [{
"name": "call1",
"connection": "userAuth",
"url": "https://api.cloudflare.com/client/v4/accounts/09fd3a16b2b05b606bff7d91b2b9a4d7/members",
"httpMethod": "POST",
"httpParams": {
"user": {
"email": "${user.email}",
"status": "pending",
"roles": [
"${entitlementValue.entitlementID}"
]
},
"httpHeaders": {
"ContentType": "application/json",
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200
]
}
}
}]
}

Kumat · ‎05/17/2023

I updated JSON as below and still see the error unable to create account. I assume when new account task is bieng provisioned accountID gets created. In this case i'm seeing accountID as mandatory.

{
"accountIdPath": "call1.message.id",
"dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
"call": [{
"name": "call1",
"connection": "userAuth",
"url": "https://api.cloudflare.com/client/v4/accounts/09fd3a16b2b05b606bff7d91b2b9a4d7/members",
"httpMethod": "POST",
"httpParams": {
"user": {
"email": "${user.email}",
"status": "pending",
"roles": [
"${entitlementValue.entitlementID}"
]
},
"httpHeaders": {
"ContentType": "application/json",
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200
]
}
}
}]
}

Error:

rest.RestProvisioningService - Error in provisioning: AccountID is mandatory
2023-05-17/18:44:21.005 [{}] [quartzScheduler_Worker-15] DEBUG rest.RestProvisioningService - taskResult:: false
2023-05-17/18:44:21.005 [{}] [quartzScheduler_Worker-15] ERROR rest.RestProvisioningService - Error while creating account - Bhushan.Jejurkar@Test.org removing tasks from the list

Attached is the log.

sudeshjaiswal · ‎05/17/2023

Hello @Kumat,

The error message you mentioned specifically states that the 'accountId' is mandatory. This suggests that the 'accountId' field is required for the API call to be successful.

I have updated the JSON and explicitly mention the 'accountId' field to 'accountName'.
Please find the Sample JSON Below.

Can you please try with the below JSON,

{
"accountIdPath": "accountName",
"responseColsToPropsMap": {},
"call": [{
"name": "call1",
"connection": "userAuth",
"url": "https://api.cloudflare.com/client/v4/accounts/09fd3a16b2b05b606bff7d91b2b9a4d7/members",
"httpMethod": "POST",
"httpParams": {
"user": {
"email": "${user.email}",
"status": "pending",
"roles": [
"${entitlementValue.entitlementID}"
]
},
"httpHeaders": {
"ContentType": "application/json",
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200
]
}
}
}]
}

Thanks,

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Kumat · ‎05/18/2023

Is see tasks are picked up, still see the same error message. Attached are additional logs.

ERROR rest.RestProvisioningService - Error in createNewUser::
groovy.lang.MissingMethodException: No signature of method: com.saviynt.provisoning.rest.RestUtilService.getDynamicBindString() is applicable for argument types: (java.util.LinkedHashMap, java.util.HashMap) values: [[user:[email:${user.email}, status:pending, ...], ...], ...]

sudeshjaiswal · ‎05/18/2023

Hello @Kumat,

Can you please try the below JSON, and if this also fails,
Please try to pass any user-email value in the account id and try.

{
"accountIdPath": "call1.message.email",
"responseColsToPropsMap": {},
"call": [{
"name": "call1",
"connection": "userAuth",
"url": "https://api.cloudflare.com/client/v4/accounts/09fd3a16b2b05b606bff7d91b2b9a4d7/members",
"httpMethod": "POST",
"httpParams": {
"user": {
"email": "${user.email}",
"status": "pending",
"roles": [
"${entitlementValue.entitlementID}"
]
},
"httpHeaders": {
"ContentType": "application/json",
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200
]
}
}
}]
}

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Kumat · ‎05/19/2023

2023-05-19/17:05:16.062 [{}] [quartzScheduler_Worker-7] ERROR rest.RestProvisioningService - Error in createNewUser::
groovy.lang.MissingMethodException: No signature of method: com.saviynt.provisoning.rest.RestUtilService.getDynamicBindString() is applicable for argument types: (java.util.LinkedHashMap, java.util.HashMap) values: [[user:[email:${user.email}, status:pending, ...], ...], ...

Same error, I made changes as suggested adding email and the provided JSON.

sudeshjaiswal · ‎05/21/2023

Hello @Kumat,

Could you please double-check the "connection":"userAuth" field? The value you specified in the createAccountJson matches what you mentioned in the Connections Details. I have attached a screenshot for reference.

For Ref: https://docs.saviyntcloud.com/bundle/REST-v55x/page/Content/Developers-Handbook.htm
Thanks,

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Kumat · ‎05/22/2023

In connection JSON. It is userAuth below is the connection JSON.

Connection JSON:

{
"authentications": {
"userAuth": {
"authType": "oauth2",
"httpHeaders": {
"contentType": "application/x-www-form-urlencoded"
},
"authError": ["InvalidAuthenticationToken", "AuthenticationFailed", "FAILURE", "INVALID_SESSION_ID"],
"url": "https://api.cloudflare.com/client/v4/accounts/09fd3a16b2b05b606bff7d91b2b9a4d7",
"httpMethod": "GET",
"httpContentType": "application/json",
"errorPath": "errors.type",
"maxRefreshTryCount": 5,
"tokenResponsePath": "sessionId",
"tokenType": "Bearer",
"authHeaderName": "Authorization",
"accessToken": "**********************",
"retryFailureStatusCode": []
}
}
}

sudeshjaiswal · ‎05/24/2023

Hello @Kumat

Could you please attempt using the following JSON? The error you are encountering, "No Signature Methods," suggests that certain parameters are missing.
I have constructed the JSON below, wherein I have associated "user" with "${user.systemUserName}". You may replace it if the desired value or remove it if it is not required for your target application.

{
"accountIdPath": "call1.message.email",
"responseColsToPropsMap": {},
"call": [
{
"name": "call1",
"connection": "userAuth",
"url": "https://api.cloudflare.com/client/v4/accounts/09fd3a16b2b05b606bff7d91b2b9a4d7/members",
"httpMethod": "POST",
"httpParams": "{ \"user\":\"${user.systemUserName}\" \"email\": \"${user.email}\", \"status\": \"pending\", \"roles\": [\"${entitlementValue.entitlementID}\"] } }",
"httpHeaders": {
"ContentType": "application/json",
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [200]
}
}
]
}

Thanks,

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Kumat · ‎05/25/2023

I see API call trying to create an account but i see the below error.

Comments

{"call1":{"headers":{"Transfer-Encoding":"chunked","CF-Ray":"7cce225bf88005b3-IAD","Server":"cloudflare","X-Content-Type-Options":"nosniff","Connection":"keep-alive","Pragma":"no-cache","Date":"Thu, 25 May 2023 13:30:39 GMT","X-Frame-Options":"SAMEORIGIN","CF-Cache-Status":"DYNAMIC","Strict-Transport-Security":"max-age=31536000","Cache-Control":"no-store, no-cache, must-revalidate, post-check=0, pre-check=0","Set-Cookie":"__cflb=0H28vgHxwvgAQtjUGUFqYFDiSDreGJnUq7j5ycUaxuB; SameSite=Lax; path=/; expires=Thu, 25-May-23 16:00:40 GMT; HttpOnly,__cfruid=b38dcaf06a105ccdd0081e28166caf884d09426c-1685021439; path=/; domain=.api.cloudflare.com; HttpOnly; Secure; SameSite=None","Vary":"Accept-Encoding","Expires":"Sun, 25 Jan 1981 05:00:00 GMT","Content-Type":"application/json"},"message":{"success":false,"errors":[{"code":6003,"message":"Invalid request headers","error_chain":[{"code":6111,"message":"Invalid format for Authorization header"}]}],"messages":[],"result":null},"statusCode":400,"description":null,"status":"Failed"}}

rushikeshvartak · ‎05/25/2023

Hardcode authorization token and try

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Kumat · ‎05/30/2023

Still same. Provisioning is not success.

HttpOnly; Secure; SameSite=None","Vary":"Accept-Encoding","Expires":"Sun, 25 Jan 1981 05:00:00 GMT","Content-Type":"application/json"},"message":{"success":false,"errors":[{"code":6003,"message":"Invalid request headers","error_chain":[{"code":6111,"message":"Invalid format for Authorization header"}]}],"messages":[],"result":null},"statusCode":400,"description":null,"status":"Failed"}}

sudeshjaiswal · ‎05/30/2023

Hello @Kumat,

The error message indicates that there is an issue with the format of the Authorization header in the request.
You validate the value of ${access_token} and make sure it is in the correct format.
Please try this json.
{
"accountIdPath": "call1.message.email",
"responseColsToPropsMap": {},
"call": [
{
"name": "call1",
"connection": "userAuth",
"url": "https://api.cloudflare.com/client/v4/accounts/09fd3a16b2b05b606bff7d91b2b9a4d7/members",
"httpMethod": "POST",
"httpParams": "{ \"user\":\"${user.systemUserName}\", \"email\": \"${user.email}\", \"status\": \"pending\", \"roles\": [\"${entitlementValue.entitlementID}\"] } }",
"httpHeaders": {
"ContentType": "application/json",
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [200]
}
}
]
}

If you find the above response useful, Kindly Mark it as "Accept As Solution".

sudeshjaiswal · ‎05/31/2023

Hello @Kumat,

Can you please provide the snippet from the postman, as shown in below screenshot
For the Connection and create account Json. I need the curl Snippet for both, so that we can validate.
PFA Screenshot,

Note:- Please hide the confidential information from the curl snippet.

Thanks,

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Kumat · ‎07/12/2023

Saviynt asked me to validate the JSON one more time using json validator and it looks good.

sudeshjaiswal · ‎07/12/2023

Hello @Kumat,

Could you please try the below json,

{
"accountIdPath": "call1.message.email",
"responseColsToPropsMap": {},
"call": [{
"name": "call1",
"connection": "userAuth",
"url": "https://api.cloudflare.com/client/v4/accounts/09fd3a16b2b05b606bff7d91b2b9a4d7/members",
"httpMethod": "POST",
"httpParams": "{\"email\": \"${user.email}\",\"status\": \"pending\",\"roles\": [\"${entitlementValue.entitlementID}\"]}}",

"httpHeaders": {
"ContentType": "application/json",
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200
]
}
}
]
}

Thanks,

If you find the above response useful, Kindly Mark it as "Accept As Solution".

sudeshjaiswal · ‎07/13/2023

Hello @Kumat,

If the above Json doesn't work, could you also provide the response from the postman?

Thanks,

If you find the above response useful, Kindly Mark it as "Accept As Solution".

piyushm · ‎09/18/2023

@Kumat The last '}" in "httpParams": "{\"email\": \"${user.email}\",\"status\": \"pending\",\"roles\": [\"${entitlementValue.entitlementID}\"]}}" is not needed.

sudeshjaiswal · ‎09/18/2023

Hello @piyushm,

Could you please share the Your Current Connection Json, Create Account Json, Add Access Json and the Complete Postman response with the as well!

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

piyushm · ‎09/19/2023

Hi @sudeshjaiswal - I came across this post while searching for my issue and noticed the above issue could be because of the extra } in the last json. But my issue is different. It is not able to resolve the entitlementId from the createaccountjson. In the logs I can see the $ being passed. If I hardcode the entitlement Id then i see all the details in the payload and the user gets created.

Calling Webservice Url - https://**************/v1/am/user with httpParams - [email:${user.email}, firstName:${user.firstname}, lastName:${user.lastname}, isActive:true, phone:${user.phonenumber}, roles:[${entitlementValue.entitlementID}]]

{
"accountIdPath": "accountName",
"call": [{
"name": "call1",
"connection": "userAuth",
"url": "https://********************/v1/am/user",
"httpMethod": "POST",
"httpParams": "{\"email\": \"${user.email}\",\"firstName\": \"${user.firstname}\",\"lastName\": \"${user.lastname}\",\"isActive\": \"true\",\"phone\": \"${user.phonenumber}\",\"roles\": [\"${entitlementValue.entitlementID}\"]}",
"httpHeaders": {
"Authorization": "Bearer *********************************"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
204, 201, 200
]
},
"unsuccessResponses": {
"error.message": "Operation Failed",
"statusCode": [
404, 401, 400, 403
]
}
}]
}

sudeshjaiswal · ‎09/19/2023

Hello @piyushm ,

The CreateJson Account you cannot pass the ${entitlementValue.entitlementID} because the entitlment information will not be avaible while create account request.You can achieve this using the dynamic attribute storing the entitlment information in any customproperty and using the attribute in the createaccount json.

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Saviynt Forums

Create account and Add access failed using REST connector