Saviynt Forums

vermilyacd1 · ‎05/09/2022

Trying to add access to an AzureAD Group with the Out of the Box connector but getting the following error. I am not calling any string function explicitly so not sure where this is coming from. This works just fine in Postman so it is Saviynt related somewhere.

This is in v2020

Error: Error in processGroupInTargetgroovy.lang.GroovyRuntimeException: Ambiguous method overloading for method java.lang.String#<init>.
Cannot resolve which method to invoke for [null] due to overlapping prototypes between:
[class [B]
[class [C]
[class java.lang.String]

AddAccessJSON:

{
"call": [
{
"name": "AADGroup",
"connection": "graphAuth",
"url": "https://graph.microsoft.com/v1.0/groups/${entitlementValue.entitlementID}/members/\\$ref",
"httpMethod": "POST",
"httpParams": "{\"@odata.id\":\"https://graph.microsoft.com/v1.0/directoryObjects/${account.accountID}\"}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201,
204,
205
]
}
}
]
}

sundas7 · ‎05/10/2022

Hi

Can you try giving "unsuccessResponses" with values like below.. I am sorry , I dont have V2020 to check and assist,but in one of environment , we have AddAccess included with the below responses,

You can also wait for other responses who can assist to fix that error.

"Authorization_RequestDenied",
"Authentication_Unauthorized"

Thanks

Shyam

vermilyacd1 · ‎05/10/2022

Thank you for the suggestion @sundas7! I have added that parameter but unfortunately still get the same error.

vermilyacd1 · ‎05/10/2022

This has been resolved. The Azure AD Connector Guide is incorrect. I would recommend updating the documentation for the Azure AD Connector. The following line should NOT be in the ConnectionJSON. Removing it solved the issue.

"accessToken": "Bearer abcd"

Belwyn · ‎05/10/2022

Hi

Thank you for posting your feedback on AZure AD Connector Guide,

This line in our guide ("accessToken": "Bearer abcd") is just a dummy access token.

So, actual token looks something like this:

"accessToken": "eyJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINHNJQUFBQUFBQUFBSlZTUDA4VVFSUlwvZXh6QlNGUWcwY1FDRzdFamM0bVcxOGdCS21ZOWpPYzFtR2ptZGhcL3J3T3pNTWpQTDNUWGtLaXdvTUNxSmlWK0JiNuduyVdE55NXZsWUU4YjRsUzdiMzc3K1wvZjI4QlRHcllFbmllRkNXcGJKUEJHSzJjd0lsVmlNY2lOY24rVVdUWXl1UUR3dmdHMmF3TVVKS2hDRVVCR3hnNWx3ZzJcL3ptdVFxcWExMk5qQnk5WjZCeDlva1E4WjF3MVBzYXJQSnJyZ2piZkysgdjshedzsezzdscUJpVFdZNWxHa2MrV2FXaTMzTW1Fd1hvT3BjaGJxYU5PUDdrWjBnOG9KTHUwb2RBSVY3MGlNUTVqa3VmdW9TVldnZFhEbndtenVoS3kxME5WRHVKRnhhOG5kUDBsYXpsdjM5OTZtb2dSYnNBUFZYaGJRb2U0ZWVTanpQR3hSUzBtcGhWWjJycTFTSFl0MTRjV0pmekQ3NVdqXC94NkJkQWFCTzVxXC9cL3BwemZiOERnNVwvdXpCMFhSUWVUZzNvajFFbGJhfgodjrudrsejfhrgidrdrfsdrgsdrygzdNVkwyaUdmXC92NCs1aFdGelwvVVdkWnR4d3AwZDJSTFRkcW44bThzYjE1SmRiNkxPV1NET0o5RWNwaFwvR1ZSRWxNY2F0R3k4dStIZHg4c3hvdWYxaFllclhTOUsrM0dpaTdmY1ZhUExWVW40SGJSWGlcL05SWnEydG5leWVkZit3OVwvRTlOTEdOXC9tTWtmcWZxb0VOZk8wZzJiMzhHQjI4dHVmdlNMSjhLOStjUTYwclRUOUdRTUFBQT09Iiwic3ViIjoiQmVsd3luLlNhbXNvbiIsImV4cCI6MTY1MjI3ODQxNCwiaWF0IjoxNjUyMjQ5NjE0LCJyb2xlcyI6WyJST0xFX0FETUlOIl19.Sh8skDdC4jT-_hybgHRIfXSxI_UIIQMQ5r8c2yKdOnc",

So, if you are not using the access token then you will have to remove that line completely.

Regards,

Belwyn.

vermilyacd1 · ‎05/11/2022

Yes, I understand that is a dummy line but that dummy line is required for the REST connector. During authentication in the REST connector, 'abcd' is replaced with the actual token. The documentation for the AzureAD connector implies the same behavior, however, it does not work the same way. In the AzureAD connector, the abcd replaces the real token, whereas, in the REST connector, it is the other way around.

This inconsistency is not reflected in the documentation, and therefore I'd recommend either building consistency in the platform, or updating the documentation.

Saviynt Forums

Error when Adding Access for AzureAD