Saviynt Forums

adityachadde · ‎02/16/2023

Hi team,

We have one requirement to add the entitlements to the accounts for this first we need to get the list of users who are associated with the groups then we need to add the user to this list after this we need to use this list of users to add the user to the group.

Here we need to follow 3 steps to add the user to the group:

1. We need to use one API to get the list of users associated with the group.

2. We need to append the latest user to the list.

3. We need to pass this list of users to add the latest user to the group.

Is this possible to achieve this via Saviynt REST connection add access JSON?

Is this a Saviynt Limitation or we can achieve this via Saviynt?

Best regards,

Aditya Chadde

adriencosson · ‎02/16/2023

Hello,

I have been addressing a similar use case lately so here is attached a skeleton to help you go ahead :

You can perform multiple API calls for AddAccessJSON.
The first API Call will perform a GET operation to the entitlement you want to get its members.
The second API call will get the responses from the first one (if your entitlement type is called "Groups", then all call names are called the same, but you can get the response using "Groups1" as it's your first call.
You will append the list of users ids as list + the account ID to be added to that list.

Hope this helps !

Regards,
Adrien COSSON

adityachadde · ‎02/17/2023

Hi @adriencosson,

We have tried with the attached json It is not working:

here we need to pass parameters in the body as below:

{"properties": {

"users_names": [

"$0LC400-8DDAS7MFV08F"

]

} }

We are getting response of the /groups API as below:

"properties": {

"group_name": "ade_site_01000_01",

"users_names": [

"$0LC400-8DDAS7MFV08F"

],

"owner_name": "fredocintadmin",

}

What could be the reason that it is not working?

please help us with this.

Best regards,

Thank you

adityachadde · ‎02/21/2023

Hi @adriencosson,

Thank you for providing the sample JSON it is working as expected for our requirements.

Best Regards,

Aditya Chadde

adityachadde · ‎02/21/2023

Hi,

We are getting an error related to Authentication while provisioning the access.

"Group1":{"headers":{"Transfer-Encoding":"chunked","Keep-Alive":"timeout=20","X-Content-Type-Options":"nosniff","Connection":"keep-alive","Pragma":"no-cache","Date":"Tue, 21 Feb 2023 11:35:40 GMT","X-Frame-Options":"DENY","Cache-Control":"no-cache, no-store, max-age=0, must-revalidate","ETag":"\"OGNmMzUzYTRkNDdkZmI1NWY4YjgyNzc0NzU3ODM4Nzk6M2Q3YzQyZGQxYThjNGM5MDZjNzdhMWI3NTdiNjcwOTE1ODA3YTY4NWQxYTlhYjNiNTk5MDM1YmM1NjZjZTJiOQ==\"","Vary":"Accept-Encoding","Expires":"0","X-XSS-Protection":"1; mode=block","Content-Type":"application/vnd.emc.documentum+json;charset=UTF-8"},"message":{"name":"group","type":"dm_group","definition":"url/users"}]},"statusCode":200,"description":null},"Group2":{"headers":{"Transfer-Encoding":"chunked","Keep-Alive":"timeout=20","X-Content-Type-Options":"nosniff","WWW-Authenticate":"Basic realm=\"com.emc.documentum.rest\"","Connection":"keep-alive","Pragma":"no-cache","Date":"Tue, 21 Feb 2023 11:35:40 GMT","X-Frame-Options":"DENY","Cache-Control":"no-cache, no-store, max-age=0, must-revalidate","Vary":"Accept-Encoding","Expires":"0","X-XSS-Protection":"1; mode=block","Content-Type":"application/json;charset=UTF-8"},"message":{"status":401,"code":"E_BAD_CREDENTIALS_ERROR","message":"Authentication failed because an invalid credential is provided.","details":"Authentication failed.","id":"fbe22ab4-347f-41c7-8a52-41ddd79fe357"},"statusCode":401,"description":null,"status":"Failed"}}

User Authentication is getting failed for Add access JSON.
We are using the below Add access JSON.

{
"call":[
{
"name":"Group",
"connection":"acctAuth",
"url":"http://url/groups/${entitlementValue.entitlementID}",
"httpMethod":"GET",
"httpHeaders":{
"Authorization":"${access_token}",
"Content-Type":"application/json"
},
"httpContentType":"application/json"
},
{
"name":"Group",
"connection":"acctAuth",
"url":"http://url/groups/${entitlementValue.entitlementID}",
"httpMethod":"POST",
"httpParams":"{\"properties\": {\"users_names\": [\"${response.Group1.message.properties.users_names.toString().replace('[','').replace(']','').replace(', ','\",\"')}\",\"${account.name}\"]}}",
"httpHeaders":{
"Authorization":"${access_token}",
"Content-Type":"application/json"
},
"httpContentType":"application/json",
"successResponses":{
"statusCode":[
200,
201,
204,
205
]
}
}
]
}

The same connection JSON is working for all other JSON such as create, update, disable account JSON but it is not working for add access JSON second call and we are getting the above error.

When we are hardcoding the access token it is working as expected.

What could be the reason What should we do to resolve this issue?

Best Regards,

Aditya Chadde

adriencosson · ‎02/22/2023

Hello @adityachadde ,

If it is working for the other JSONs except this one, can you compare the "connection" parameter that is currently set to "acctAuth" in the given JSON, with the other ones ?

That might be one of the exceptions to look for.

Regards,
Adrien COSSON

adityachadde · ‎02/23/2023

Hi @adriencosson,

I have checked the connection parameters which are set to "acctAuth" and everything looks similar. what else we could do to resolve this issue?

Best Regards,

Aditya Chadde

Saviynt Forums

How to add the access to the user via REST Connection ADD access json by using multiple calls