Click HERE to see how Saviynt Intelligence is transforming the industry. |
09/12/2024 04:22 AM
Hi all
We are testing the built-in REST API connector for Secret Server, and have been able to pull in the entitlements, folders and groups etc, however, we notice that one of the limitations of the connector is that it doesn't pull in in folder permissions, which is what we need.
As far as I can tell, the only way around this would be to have 2 Secret Server applications, one with a connector JSON that gives view permissions (for example), then have another application that has a connector JSON that gives edit permissions.
Is this going to be the only way? Our use case is simple: we want users to be able to click the Secret Server application, then be able to CHOOSE which permission level they need on the folder (view,edit,etc).
Does anyone have any better ways or ideas?
thanks all!
09/12/2024 09:07 AM
can you provide more details with postman details or example of your jsons
09/13/2024 02:34 AM
Hi
We're using the OOTB JSON for the connector:
{
"name": "Folders",
"connection": "userAuth",
"url": "https://domain.secretservercloud.eu/api/v1/folder-permissions",
"httpMethod": "POST",
"httpParams": "{\"userId\": \"${account.accountID}\",\"breakInheritance\": true, \"folderAccessRoleName\": \"${requestAccessAttributes?.folderPrivilege==null? 'Edit' : requestAccessAttributes.folderPrivilege}\", \"folderId\": \"${entitlementValue.entitlementID}\", \"secretAccessRoleName\": \"${requestAccessAttributes?.secretPrivilege==null? 'Edit' : requestAccessAttributes.secretPrivilege}\"}",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [200, 201]
}
},
09/13/2024 06:24 AM
Please share postman screenshot and curl command [Refer https://codingnconcepts.com/postman/how-to-generate-curl-command-from-postman/ ]
⚠️‼️‼️Do not upload any attachments that contain sensitive information, such as IP Addresses, URLs, Company/Employee Names, Email Addresses, etc.‼️‼️⚠️