We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

How to reconcile account using rest API

adityachadde
New Contributor III
New Contributor III

Hi,

We want to reconcile the account using the REST API we are getting the response below:

[
    {
        "name""",
        "id""",
        "type"34,
        "abbreviation""",
        "description""Privilèges",
        "subtype"8705,
        "dateCreated""",
        "dateModified""",
        "version""",
        "acg"5,
        "owner": {
            "name""Administrator",
            "id"""
        }
]
Here in response, we are not receiving any path i.e., list field (user response path) value (attribute) we are only getting a response as an array of objects. What we can use in list field to import all accounts.
 
Please find an attached screenshot for more information.
adityachadde_0-1670779291095.png

 

 
 
13 REPLIES 13

rushikeshvartak
All-Star
All-Star

Keep listField blank share you json


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

adityachadde
New Contributor III
New Contributor III

Hi @rushikeshvartak,

Please find an attached response. 

{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "/LibraryStd/api/users?fields=id,name,abbreviation,description,dateCreated,dateModified",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "",
"keyField": "accountID",
"colsToPropsMap": {
"accountID":"id~#~char",
"name":"name~#~char",
"customproperty1": "abbreviation~#~char",
"customproperty2": "description~#~char",
"createdon": "dateCreated~#~char",
"updatedate": "dateModified~#~char"
}
}
}
},
"entitlementParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"entTypes": {
"Roles": {
"entTypeOrder": 0,
"entTypeLabels": {},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https:/LibraryStd/api/usergroups",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlementID": "id~#~char",
"entitlement_value": "name~#~char"
}
}
}
}
}
},
"acctEntParams": {
"connection": "acctAuth",
"entTypes": {
"Roles": {
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"processingType": "httpEntToAcct",
"http": {
"httpHeaders": {
"Authorization": "${access_token}"
},
"url": "https:///LibraryStd/api/usergroups",
"httpContentType": "application/x-www-form-urlencoded",
"httpMethod": "GET"
},
"listField": "",
"entKeyField": "entitlementID",
"acctIdPath": "user_id",
"acctKeyField": "accountID"
}
}
},
"Roles": {
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"processingType": "acctToEntMapping"
}
}
}
}
}
}

After using above json in ImportAccountEntJSON we are not getting any error in job log.

Please find below screenshot for more information.

adityachadde_0-1670809119867.png

Thank You,

Aditya Chadde

adityachadde
New Contributor III
New Contributor III

Hi, 

Using the below connection JSON we are not getting any error after running the Account and Access import job but the accounts and entitlements are not getting imported.

Please find the below Json for more information:

Connection JSON:

{
    "authentications": {
        "acctAuth": {
            "authType": "Basic",
            "url": "/auth/login?password=&username=",
            "httpMethod": "POST",
            "httpParams": {},
            "httpHeaders": {},
            "httpContentType": "application/x-www-form-urlencoded",
            "properties": {
                "userName": "",
                "password": ""
            },
            "authError": [
                "The user session has expired, please reauthenticate",
                "Invalid OAuth token Bearer"
            ],
            "retryFailureStatusCode": [401, 403],
            "errorPath": "message",
            "maxRefreshTryCount": 5,

 

           "tokenType": "Basic",
            "accessToken": "Basic abcd"
        }
    }
}

AccountEntImportJson:

{
    "accountParams": {
        "connection": "acctAuth",
        "processingType": "SequentialAndIterative"
    },
    "call": {
        "call1": {
            "callOrder": 0,
            "stageNumber": 0,
            "http": {
                "url": "",
                "httpHeaders": {
                    "Authorization": "${access_token}",
                    "Accept": "application/json"
                },
                "httpContentType": "application/json",
                "httpMethod": "GET"
            },
            "listField": "",
            "keyField": "accountID",
            "colsToPropsMap": {
                "accountID": "id~#~char",
                "name": "name~#~char",
                "customproperty1": "abbreviation~#~char",
                "customproperty2": "description~#~char",
                "createdon": "dateCreated~#~date",
                "updatedate": "dateModified~#~date"
            }
        }
    },
    "entitlementParams": {
        "connection": "acctAuth",
        "processingType": "SequentialAndIterative",
        "entTypes": {
            "Roles": {
                "entTypeOrder": 0,
                "entTypeLabels": {},
                "call": {
                    "call1": {
                        "callOrder": 0,
                        "stageNumber": 0,
                        "http": {
                            "url": "",
                            "httpHeaders": {
                                "Authorization": "${access_token}",
                                "Accept": "application/json"
                            },
                            "httpContentType": "application/json",
                            "httpMethod": "GET"
                        },
                        "listField": "",
                        "keyField": "entitlementID",
                        "colsToPropsMap": {
                            "entitlementID": "id~#~char",
                            "entitlement_value": "name~#~char"
                        }
                    }
                }
            }
        }
    },
    "acctEntParams": {
        "connection": "acctAuth",
        "entTypes": {
            "Roles": {
                "call": {
                    "call1": {
                        "callOrder": 0,
                        "stageNumber": 0,
                        "processingType": "httpEntToAcct",
                        "http": {
                            "httpHeaders": {
                                "Authorization": "${access_token}"
                            },
                            "url": "",
                            "httpContentType": "application/x-www-form-urlencoded",
                            "httpMethod": "GET"
                        },
                        "listField": "items",
                        "entKeyField": "entitlementID",
                        "acctIdPath": "user_id",
                        "acctKeyField": "accountID"
                    }
                }
            }            
        }
    }
}

Thank You,

Aditya Chadde

access_token is not sent from connectionJSON 

https://saviynt.freshdesk.com/support/solutions/articles/43000521736-rest-connector-guide%C2%A0 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Hi @rushikeshvartak,

In Api we are not getting any token in response we are using it to create session. Please find below screenshot for more information.

adityachadde_0-1670914977605.png

API Architecture is different here first we need to send a post request from one URL by passing username and password as query parameters and then we need to use different API to get accounts, but we don't pass any token in the get accounts API.

adityachadde_1-1670915059611.png

We have tried using Basic Auth, OAuth both are not working please suggest us a way to achieve this.

Best Regards,

Aditya Chadde

 

Please remove confidential information from public forums


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

adityachadde
New Contributor III
New Contributor III

Hi,

We want to reconcile all accounts and entitlements form the target application using REST Connection.

In postman we are getting the "X-MSTR-AuthToken" in response header. Please find the attached Screenshot for more information.

adityachadde_0-1672743341287.png

How to create a connection JSON to get the access token from response header?

We have tried using Basic and OAuth2 Connection JSON format but it is not working.

If anyone worked on such requirements please share a connection JSON Format with us.

Best Regards,

Aditya Chadde

Does same needs to be passed for CRUD operations ?


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

We are using DB Connector for CRUD operations. Just reconciling accounts and access using REST.

Best Regards,

Aditya Chadde

can you try using Postman and find if its required


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

In postman if we send post request by passing username and password in response no content is visible

adityachadde_0-1672764290588.png

but after sending the post request one session is created after this when we use get user API it will give the response. So, in postman it is token required but in saviynt it is not creating any session. It is showing error as below.

{
    "code""ERR009",
    "message""The user's session has expired, please reauthenticate",
    "ticketId""addsfddggdgd"
}
This same error is visible in job logs while importing the accounts and entitlements.
 
So that token may require in saviynt. Using this token, we can get user response from anywhere. for example, I can generate the token in my postman and using that token I can get the user api response from other PC's
 
The connection JSON which we are using should work in Saviynt and create session because we are directly passing username and password in URL similar to postman
 
httpsURL/api/auth/login?username=********&password=*************
 
But it is not working.
 
Please provide a valid connection Json for this type of authentication.
 
Best Regards,
Aditya Chadde

what is method type? it should PUT


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

In postman put method is not working, we are using post method to create session.