Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Delete account using User Update

Prajna
New Contributor
New Contributor
The requirement is to delete the Azure AD  account on termination of the user. The below mentioned remove account json is used for the REST connection
{
  "call": [
    {
      "name": "call1",
      "connection": "${connectionName}",
      "httpMethod": "DELETE",
      "httpHeaders": {
        "Authorization": "${access_token}"
      },
      "httpContentType": "application/json",
      "successResponses": {
        "statusCode": [
          200,
          201,
          204,
          205
        ]
      }
    }
  ]
}
 When a user lifecycle status is terminated the user update rule triggers the remove account tasks.
 
The remove account tasks is getting triggered and when the provisioning job runs the account is becoming inactive in Saviynt and getting deleted from Azure end, but the task is not getting completed. It's failing without any errors in the provisioning comments. Please find the screenshot for reference.
 
Can you please provide any solution for this issue.
9 REPLIES 9

indra_hema_95
Regular Contributor III
Regular Contributor III

Hi @Prajna Can you please check the logs? If you able to find anything there?

Regards,

Indra

Prajna
New Contributor
New Contributor

There is no such error in logs.

Amit_Malik
Valued Contributor II
Valued Contributor II

Hi @Prajna ,

use this in config JSON , this will show the request Saviynt making and response from Azure

{
"showLogs": true
}

Have you tried same in postman and see the status code. 201 is mostly when we create object, so that you don't need in successResponses in JSON for sure. Check what status graph API gives on deletion and use that in your JSON

 

Thanks,

Amit

Kind Regards,
Amit Malik
If this helped you move forward, please click on the "Kudos" button.
If this answers your query, please select "Accept As Solution".

If you are using Azure AD connector then use below JSON

 

{
  "call": [
    {
      "name": "call1",
      "connection": "${connectionName}",
      "url": "https://graph.microsoft.com/v1.0/users/${account.accountID}",
      "httpMethod": "DELETE",
      "httpHeaders": {
        "Authorization": "${access_token}"
      },
      "httpContentType": "application/json",
      "successResponses": {
        "statusCode": [
          200,
          201,
          204,
          205
        ]
      }
    }
  ]
}

 

If you are using REST Connector use below JSON

{
  "call": [
    {
      "name": "call1",
      "connection": "userAuth",
      "url": "https://graph.microsoft.com/v1.0/users/${account.accountID}",
      "httpMethod": "DELETE",
      "httpHeaders": {
        "Authorization": "${access_token}"
      },
      "httpContentType": "application/json",
      "successResponses": {
        "statusCode": [
          200,
          201,
          204,
          205
        ]
      }
    }
  ]
}

 

Connection name will be ${connectionName} in Azure and in REST actual connection name needs to be mentioned

 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

The rest connection is used for deprovisioning account. Now I have used the exact connection name. Please find the below json. Still getting the same issue.

{ "call": [ { "name": "call1", "connection": "AAD", "url": "https://graph.microsoft.com/v1.0/users/${account.accountID}", "httpMethod": "DELETE", "httpHeaders": { "Authorization": "${access_token}" }, "httpContentType": "application/json", "successResponses": { "statusCode": [ 200, 201, 204, 205 ] } } ] }

Amit_Malik
Valued Contributor II
Valued Contributor II

Hi @Prajna , if you are using REST connector then dont use "connection": "AAD" or ${connectionName}

{
"call": [
{
"name": "RemoveAccount",
"connection": "userAuth",

This accntAuth comes from connection JSON, see below, you need to use same - 

"authentications": {
"userAuth": {
"authType": "oauth2",

 

 

Kind Regards,
Amit Malik
If this helped you move forward, please click on the "Kudos" button.
If this answers your query, please select "Accept As Solution".

  • Please share connection json and logs

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

stalluri
Valued Contributor II
Valued Contributor II

@Prajna , if you are using Rest, try the JSON below.

Can you share the Connection JSON here?




Best Regards,
Sam Talluri
If you find this a helpful response, kindly consider selecting Accept As Solution and clicking on the kudos button.

NM
Honored Contributor II
Honored Contributor II

Hi @Prajna define the same connection name value via which you established connection in connection json.