Click HERE to see how Saviynt Intelligence is transforming the industry. |
09/06/2023 06:36 AM - edited 09/06/2023 06:37 AM
Hi All,
We were in a process of integrating Office 365 application with Saviynt using the O365 out of the box connector. We were able to complete the prerequisite steps to register the app in Azure using the fresh desk documentation. However, while configuring the SharePoint connection, we were unable to find any details or steps regarding Tenant ID in the documentation which is a mandatory requirement for the connection in Saviynt.(Client ID and Client secret were accessible though)
Is there anyone who has come across such scenario or has successfully integrated O365 with Saviynt. Would really appreciate any inputs/responses on how to retrieve the Tenant ID for Sharepoint.
We also created a FD ticket #1680041 but we were redirected here.
Thanks
Solved! Go to Solution.
09/11/2023 07:38 AM
Hello @Aashish-Handa,
O365 Tenant ID - To get the O365 Tenant ID please refer this document https://support.office.com/en-us/article/Find-your-Office-365-tenant-ID-6891b561-a52d-4ade-9f39-b492...
O365 Tenant domain name i.e. https://<domain-name>.SharePoint.com
For Ref :-
https://docs.saviyntcloud.com/bundle/MSOffice365-v23x/page/Content/Creating-an-Integration.htm
https://forums.saviynt.com/t5/identity-governance/iis-installation-for-o365-onboarding/m-p/47993/emc...
Thanks
09/11/2023 08:16 AM
Hi @sudeshjaiswal , thanks for responding. I already have gone through the above links and documentation which werent useful for me. The document redirects to the Microsoft Azure Tenant details which I am already aware of.
The need is only for the Sharepoint tenant ID for which there was no mention in the documentation itself. However, it is a mandatory field for the connection.
The O365 tenant domain URL is fine and I can open the Sharepoint portal, however, it doesnt have any Overview tab in it.
Please let me know if I am missing something, or doing something wrong.
Thanks
09/11/2023 10:34 AM
To get the tenant ID from SharePoint Online, follow these steps:
From UI:
Login to your SharePoint Admin Center: https://tenant-admin.sharepoint.com
navigate to Site Collection App Permissions page (http:// <SharePointWebsite> /_layouts/15/AppPrincipals.aspx)
identify the row with your registered application and locate at the App Identifier column. Site realm corresponds to the part of App Identifier followed after the last @ delimiter
Please let me know if it helps.
09/12/2023 08:01 AM
Looks like the Tenant ID is actually the same for both SharePoint and Azure, which wasn't the problem for the connection. I was able to get the Tenant ID from the provided steps too.
Thanks for your help.
09/29/2023 12:08 AM
Hi @sudeshjaiswal , @SumathiSomala ,
I was trying to create the provisioning connection for Office 365 using a REST connection as mentioned in the Saviynt docs. The document only consists of the ConnectionJson and Add Access Json templates, however I would like to create a new account request as well.
Creating an Integration (saviyntcloud.com)
Tried populating a REST based create account json but it is failing with status code 405 as below:
"call1":{"headers":{"Strict-Transport-Security":"max-age=31536000","x-ms-ags-diagnostic":"{\"ServerInfo\":{\"DataCenter\":\"Germany West Central\",\"Slice\":\"E\",\"Ring\":\"5\",\"ScaleUnit\":\"004\",\"RoleInstance\":\"FR2PEPF000003D0\"}}","client-request-id":"f9833bfb-190d-4165-a71a-80283715aa65","request-id":"f9833bfb-190d-4165-a71a-80283715aa65","Content-Length":"0","Date":"Fri, 29 Sep 2023 07:00:02 GMT"},"message":"","statusCode":405,"description":null,"status":"Failed"}}
Can you please help me out with a createaccount json which can be used, or please confirm whether populating a createaccountjson is required at all in a office365 provisioning connection?
Thanks
10/03/2023 10:21 PM - edited 10/03/2023 10:26 PM
Hello @Aashish-Handa,
Based on the error, it looks like you are sending the request with the incorrect method,
Please share the create account json.
Sample for the createaccountjson,
{
"accountIdPath": "call1.message.id",
"dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
"responseColsToPropsMap": {
"displayName": "call1.message.displayName~#~char",
"name": "call1.message.userPrincipalName~#~char"
},
"call": [
{
"name": "call1",
"connection": "userAuth",
"url": "https://graph.microsoft.com/v1.0/users",
"httpMethod": "POST",
"httpParams": "{\"accountEnabled\":true,\"displayName\":\"${user.firstname}\",\"mailNickname\":\"${user.firstname}\",\"userPrincipalName\":\"${user.username}@saviyntlive.onmicrosoft.com\",\"passwordProfile\":{\"forceChangePasswordNextSignIn\":true,\"password\":\"${password}\"}}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201,
204,
205
]
}
}
]
}
Note: Change the tenant which is highlighted in the above json sample(HTTP PARAM).
Thanks.
10/03/2023 11:59 PM
Hi @sudeshjaiswal ,
Thanks for the response. Please find the createaccountjson attached.
I'll check and revert using the sample json shared.
Thanks
10/04/2023 12:15 AM
Hello @Aashish-Handa,
In The URL you dont have any endpoint in the create account json.Please check my sample and yours.
Try with the sample which i have given and let me know if it works for you.
Thanks.
10/04/2023 12:58 AM
I tried adding the endpoint with the earlier json as well but didnt work, maybe got the same issue which I got using the shared sample json this time. Checked for the authorization token but couldnt see a problem.PFB the error msg:
{"log":"2023-10-04 07:14:02,348 [quartzScheduler_Worker-3] DEBUG rest.RestProvisioningService - Got Webservice API Response: [headers:[Transfer-Encoding: chunked, Content-Type: application/json, Vary: Accept-Encoding, Strict-Transport-Security: max-age=31536000, request-id: 5bce2e9d-e859-4fb8-90b1-f18d2ebfe9f8, client-request-id: 5bce2e9d-e859-4fb8-90b1-f18d2ebfe9f8, x-ms-ags-diagnostic: {\"ServerInfo\":{\"DataCenter\":\"Germany West Central\",\"Slice\":\"E\",\"Ring\":\"5\",\"ScaleUnit\":\"004\",\"RoleInstance\":\"FR2PEPF0000037B\"}}, WWW-Authenticate: Bearer realm=\"\", authorization_uri=\"https://login.microsoftonline.com/common/oauth2/authorize\", client_id=\"00000003-0000-0000-c000-000000000000\", Date: Wed, 04 Oct 2023 07:14:01 GMT], responseText:{\"error\":{\"code\":\"InvalidAuthenticationToken\",\"message\":\"CompactToken parsing failed with error code: 80049217\",\"innerError\":{\"date\":\"2023-10-04T07:14:02\",\"request-id\":\"5bce2e9d-e859-4fb8-90b1-f18d2ebfe9f8\",\"client-request-id\":\"5bce2e9d-e859-4fb8-90b1-f18d2ebfe9f8\"}}}, cookies:[], statusCode:401]\n","stream":"stdout","time":"2023-10-04T07:14:02.348532887Z"}
Createaccountjson Used:
{
"accountIdPath": "call1.message.id",
"dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
"responseColsToPropsMap": {
"displayName": "call1.message.displayName~#~char",
"name": "call1.message.userPrincipalName~#~char"
},
"call": [
{
"name": "call1",
"connection": "userAuth",
"url": "https://graph.microsoft.com/v1.0/users",
"httpMethod": "POST",
"httpParams": "{\"accountEnabled\":true,\"displayName\":\"${user.firstname}\",\"mailNickname\":\"${user.firstname}\",\"userPrincipalName\":\"${user.username}\",\"passwordProfile\":{\"forceChangePasswordNextSignIn\":true,\"password\":\"${password}\"}}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201,
204,
205
]
}
}
]
}
10/04/2023 01:41 AM
@Aashish-Handa The issue seems to be with the connection json, as token is not been parsed correctly,
Could you please share the connectiosn json.
Thanks.
10/05/2023 12:54 AM - edited 10/05/2023 03:05 AM
Hi @sudeshjaiswal ,
PFA.
10/05/2023 03:03 AM
Hello @Aashish-Handa , @SumathiSomala ,
Please hide the confidential infoirmation while shareing anything on the forum, seems you have switch the client secret to client id and client id to client secret, I have shared you the json in the private message.
and please remove connections json asap!!
Thanks.
10/06/2023 02:11 AM
@Aashish-Handa Did the connectionsjson resolved your issue.
Thanks.