Click HERE to see how Saviynt Intelligence is transforming the industry. |
04/24/2024 02:19 PM
Hi on 24.3. We have SSO enabled and I have created an Saviynt API account, set the password, set localauthenabled to 1 and set passwordexpired to false. The problem is that it looks like with version 24.x there is also an "API Password" associated with accounts. The newly created api account can authenticate with saviynt but is unable to complete api other api calls.
All we get is a 200 response with a body message "Please sign in to account" which I am assuming means the "API Password" for the account needs to be set but how do we do that when we have SSO enabled and therefore unable to locally authenticate?
Solved! Go to Solution.
04/24/2024 03:03 PM - edited 04/24/2024 03:06 PM
Hi @jralexander137 ,
You don't see that option by default, but its available as feature access. Please assign it to the sav role and check.
Also, can you try login with the service user you are using for API calls as its newly created.
We had similar issue, once we logged in with the user, we need to first time Set Security Question on Login. (We had this set-in global configurations)
If you find the above response useful, Kindly Mark it as Accept As Solution and hit Kudos
04/24/2024 07:59 PM
I have tested this in v24.4 and working as expected in SSO enabled environment
04/24/2024 08:02 PM
I figured out the problem. It was due to security questions needing to be created and since no way to locally log in with SSO enabled I had to disable that functionality. Once I did that, I just used the Rest Password API to reset the password. Service Account is able to make API calls now.
04/24/2024 08:23 PM
You can also update security question using import sheet