05/30/2023 12:11 PM
Hi all,
I have setup the Saviynt APIs in Postman and trying to call the 'GetUserDetails' API.
I am getting some HTML response stating "Sign in to your account".
I have followed all the guidelines and created the user which we are using to call the Saviynt API in Postman. I have set localAuthEnabled=1 and passwordexpired=0 for this user using CutsomQueryJob.
I am not sure why I am getting this message "Sign in to your account", as this user has the ability to bypass SSO.
This is what we get in Postman response:
We are getting this HTML response for all APIs and not just getUserDetails API.
Note:
1). We are using Azure AD as the Identity provider.
2) We are currently in version 23.4
Please guide.
Thanks,
Atul Singh
05/30/2023 01:05 PM
Hope you passing the bearer token in your postman call. Please confirm.
05/30/2023 09:44 PM
05/31/2023 10:17 AM
When we deactivated the SSO, we are getting the response as expected in Postman.
From the above, we can see that the localAuthEnabled is already set to true for this user (the user we are using to call the Saviynt API). Also, passwordexpired is set to false.
Still, this user is not able to bypass the SSO. We had completely deactivate the SSO in order to work with the Saviynt APIs.
Is there some setting we are missing? Or is there something that needs to be configured at Azure end?.
Please advice.
Thanks.
05/31/2023 12:09 PM
Have you checked this URL?
06/05/2023 05:26 AM
This is expecting Security question to be set (for the user we are using to call the Saviynt API)
There is a Global Configuration "Set Security Question on Login"
In this case - while calling getUser / getAccounts / getEndpoints / any api for that matter, it is expecting the security answers to be set (for the user we are using to call the Saviynt API).
Hence it is throwing a security questions reset page, but that page is protected, hence it throws the login page.
Two options here:
Option 1: Login with the user on the login page and set the security questions. Then try to access any API, it will work.
Option 2: Uncheck the Global Configuration "Set Security Question on Login". Then try to access any API, it will work.
07/18/2023 01:32 PM
Even with option 2 uncheck the "Set Security Question on Login" it still doesn't work.