Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

CyberArk SCIM connection json

AtrayeeDutta
Regular Contributor
Regular Contributor

‎02/29/2024 05:25 AM - edited ‎02/29/2024 05:28 AM

Hi Team,

Can anyone please help with working connection json from OOTB SCIM CyberArk connector?

Used below 2 options:

{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"url": "https://*****.id.cyberark.cloud/oauth2/platformtoken",
"httpMethod": "POST",
"httpParams": {
"client_id": "identity-privilege-integration-user$@cyberark.cloud.****",
"client_secret": "********************************",
"grant_type": "client_credentials"
},
"httpHeaders": {
"Content-Type": "application/x-www-form-urlencoded"
},
"httpContentType": "application/x-www-form-urlencoded",
"authError": [
"Unable to authenticate the client",
"Invalid token Bearer"
],
"retryFailureStatusCode": [
401,
403,
404
],
"expiryError": "ExpiredAuthenticationToken",
"importSuccessResponses": {
"statusCode": [
200,
201,
202,
203,
204,
205
]
},
"errorPath": "error.code",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"refreshType": "",
"tokenType": "Bearer",
"accessToken": "Bearer <token from postman>
}
}
}

getting this error:

2024-02-29T18:11:06+05:30-ecm-2024-02-29T12:41:06.166334869Z stdout F 2024-02-29 12:41:06,166 [http-nio-8080-exec-17] DEBUG rest.RestProvisioningService -
 
2024-02-29T18:11:06+05:30-ecm-2024-02-29T12:41:06.166344969Z stdout F 2024-02-29 12:41:06,166 [http-nio-8080-exec-17] DEBUG rest.RestUtilService - pullObjectsByRest - responseStatusCode ::500
 
2024-02-29T18:11:06+05:30-ecm-2024-02-29T12:41:06.166502269Z stdout F 2024-02-29 12:41:06,166 [http-nio-8080-exec-17] DEBUG rest.RestProvisioningService - Exception in converting responseText to Map
 
Used the one given in FD:
 
{
"authentications": {
"acctAuth": {
"authType": "Basic",
"url": "https://88888.id.cyberark.cloud/oauth2/platformtoken",
"httpMethod": "GET",
"httpParams": {},
"httpHeaders": {},
"httpContentType": "text/html",
"properties": {
"userName": "identity-privilege-integration-user$@cyberark.cloud.*****",
"password": "****"
},
"expiryError": "ExpiredAuthenticationToken",
"authError": [
"InvalidAuthenticationToken",
"ExpiredAuthenticationToken",
"AuthenticationFailed",
"Read timed out"
],
"importSuccessResponses": {
"statusCode": [
200,
201,
202,
203,
204,
205
]
},
"errorPath": "error.code",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Basic",
"accessToken": "<access token from postman>"
}
}
}
 
Connection failing
 
Regards,
Atrayee
Labels:
0 Kudos
3 REPLIES 3

AmitM
Valued Contributor
Valued Contributor

‎02/29/2024 06:17 AM

Hi @AtrayeeDutta , We were using basic auth and for that this what worked.

IN your basic auth sample , URL is of OAuth , that wont work with Basic. 

Try first in postman with the information that you have , OAuth or basic. Working in postman and not in Saviynt then we can try to troubleshoot.

{
"authentications": {
"acctAuth": {
"authType": "Basic",
"url": "http://XXX/CyberArkScim/scim",
"httpMethod": "GET",
"httpParams": {},
"httpHeaders": {},
"httpContentType": "text/html",
"properties": {
"userName": "Saviynt",
"password": ""
},
"expiryError": "ExpiredAuthenticationToken",
"authError": ["InvalidAuthenticationToken","ExpiredAuthenticationToken","AuthenticationFailed","Read timed out"],
"importSuccessResponses":{
"statusCode": [200, 201, 202, 203, 204, 205]
},
"errorPath": "error.code",
"maxRefreshTryCount": 5,
"apiRateLimitConfig": {
"retryAfterCalls": 100,
"retryWaitSeconds": 60
},
"tokenResponsePath": "access_token",
"tokenType": "Basic",
"accessToken": "Basic assa"
}
}
}

Thanks,

Amit

If this answers your query, Please ACCEPT SOLUTION and give KUDOS.

0 Kudos

AtrayeeDutta
Regular Contributor
Regular Contributor
In response to AmitM

‎02/29/2024 06:39 AM - edited ‎02/29/2024 06:50 AM

@AmitM Thank you for your response, Above one u pasted is from freshdesk right..this is failing with the above error.

Its working from postman, able to get the token.

postman :

AtrayeeDutta_0-1709218224371.png

 

Regards

0 Kudos

AmitM
Valued Contributor
Valued Contributor
In response to AtrayeeDutta

‎02/29/2024 07:58 AM - edited ‎02/29/2024 07:59 AM

HI @AtrayeeDutta , I don't think what you are trying to do is feasible with Saviynt OOTB SCIM connector. 

There are two ways to connect to cyberArk ootb :

1)https://docs.saviyntcloud.com/bundle/CyberArk-SCIM-v23x/page/Content/About-This-Guide.htm

2)https://docs.saviyntcloud.com/bundle/CyberArk-REST-v23x/page/Content/About-This-Guide.htm

If you choose to follow SCIM based , you have to use the JSON I shared above and what is in guide, an the url to get token is "http://XXX/CyberArkScim/scim"

Not https://88888.id.cyberark.cloud/oauth2/platformtoken 

You can also create your own REST connector , and try to achieve what you can in postman but it would be tough specially with cyberArk.

Thanks,

Amit

If this answers your query, Please ACCEPT SOLUTION and give KUDOS.

0 Kudos
Copyright © 2024 Khoros, LLC