Saviynt Forums

Aashish-Handa · ‎09/06/2023

Hi All,

We were in a process of integrating Office 365 application with Saviynt using the O365 out of the box connector. We were able to complete the prerequisite steps to register the app in Azure using the fresh desk documentation. However, while configuring the SharePoint connection, we were unable to find any details or steps regarding Tenant ID in the documentation which is a mandatory requirement for the connection in Saviynt.(Client ID and Client secret were accessible though)

Is there anyone who has come across such scenario or has successfully integrated O365 with Saviynt. Would really appreciate any inputs/responses on how to retrieve the Tenant ID for Sharepoint.

We also created a FD ticket #1680041 but we were redirected here.

Thanks

sudeshjaiswal · ‎09/11/2023

Hello @Aashish-Handa,

O365 Tenant ID - To get the O365 Tenant ID please refer this document https://support.office.com/en-us/article/Find-your-Office-365-tenant-ID-6891b561-a52d-4ade-9f39-b492...
O365 Tenant domain name i.e. https://<domain-name>.SharePoint.com

For Ref :-
https://docs.saviyntcloud.com/bundle/MSOffice365-v23x/page/Content/Creating-an-Integration.htm
https://forums.saviynt.com/t5/identity-governance/iis-installation-for-o365-onboarding/m-p/47993/emc...

Thanks

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Aashish-Handa · ‎09/11/2023

Hi @sudeshjaiswal , thanks for responding. I already have gone through the above links and documentation which werent useful for me. The document redirects to the Microsoft Azure Tenant details which I am already aware of.

The need is only for the Sharepoint tenant ID for which there was no mention in the documentation itself. However, it is a mandatory field for the connection.

The O365 tenant domain URL is fine and I can open the Sharepoint portal, however, it doesnt have any Overview tab in it.

Please let me know if I am missing something, or doing something wrong.

Thanks

SumathiSomala · ‎09/11/2023

Hi @Aashish-Handa

To get the tenant ID from SharePoint Online, follow these steps:
From UI:
Login to your SharePoint Admin Center: https://tenant-admin.sharepoint.com
navigate to Site Collection App Permissions page (http:// <SharePointWebsite> /_layouts/15/AppPrincipals.aspx)

identify the row with your registered application and locate at the App Identifier column. Site realm corresponds to the part of App Identifier followed after the last @ delimiter

Please let me know if it helps.

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.

Aashish-Handa · ‎09/12/2023

Looks like the Tenant ID is actually the same for both SharePoint and Azure, which wasn't the problem for the connection. I was able to get the Tenant ID from the provided steps too.

Thanks for your help.

Aashish-Handa · ‎09/29/2023

Hi @sudeshjaiswal , @SumathiSomala ,

I was trying to create the provisioning connection for Office 365 using a REST connection as mentioned in the Saviynt docs. The document only consists of the ConnectionJson and Add Access Json templates, however I would like to create a new account request as well.

Creating an Integration (saviyntcloud.com)

Tried populating a REST based create account json but it is failing with status code 405 as below:

"call1":{"headers":{"Strict-Transport-Security":"max-age=31536000","x-ms-ags-diagnostic":"{\"ServerInfo\":{\"DataCenter\":\"Germany West Central\",\"Slice\":\"E\",\"Ring\":\"5\",\"ScaleUnit\":\"004\",\"RoleInstance\":\"FR2PEPF000003D0\"}}","client-request-id":"f9833bfb-190d-4165-a71a-80283715aa65","request-id":"f9833bfb-190d-4165-a71a-80283715aa65","Content-Length":"0","Date":"Fri, 29 Sep 2023 07:00:02 GMT"},"message":"","statusCode":405,"description":null,"status":"Failed"}}

Can you please help me out with a createaccount json which can be used, or please confirm whether populating a createaccountjson is required at all in a office365 provisioning connection?

Thanks

sudeshjaiswal · ‎10/03/2023

Hello @Aashish-Handa,

Based on the error, it looks like you are sending the request with the incorrect method,
Please share the create account json.

Sample for the createaccountjson,
{
"accountIdPath": "call1.message.id",
"dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
"responseColsToPropsMap": {
"displayName": "call1.message.displayName~#~char",
"name": "call1.message.userPrincipalName~#~char"
},
"call": [
{
"name": "call1",
"connection": "userAuth",
"url": "https://graph.microsoft.com/v1.0/users",
"httpMethod": "POST",
"httpParams": "{\"accountEnabled\":true,\"displayName\":\"${user.firstname}\",\"mailNickname\":\"${user.firstname}\",\"userPrincipalName\":\"${user.username}@saviyntlive.onmicrosoft.com\",\"passwordProfile\":{\"forceChangePasswordNextSignIn\":true,\"password\":\"${password}\"}}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201,
204,
205
]
}
}
]
}

Note: Change the tenant which is highlighted in the above json sample(HTTP PARAM).

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Aashish-Handa · ‎10/03/2023

Hi @sudeshjaiswal ,

Thanks for the response. Please find the createaccountjson attached.

I'll check and revert using the sample json shared.

Thanks

sudeshjaiswal · ‎10/04/2023

Hello @Aashish-Handa,

In The URL you dont have any endpoint in the create account json.Please check my sample and yours.
Try with the sample which i have given and let me know if it works for you.

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Aashish-Handa · ‎10/04/2023

I tried adding the endpoint with the earlier json as well but didnt work, maybe got the same issue which I got using the shared sample json this time. Checked for the authorization token but couldnt see a problem.PFB the error msg:

{"log":"2023-10-04 07:14:02,348 [quartzScheduler_Worker-3] DEBUG rest.RestProvisioningService - Got Webservice API Response: [headers:[Transfer-Encoding: chunked, Content-Type: application/json, Vary: Accept-Encoding, Strict-Transport-Security: max-age=31536000, request-id: 5bce2e9d-e859-4fb8-90b1-f18d2ebfe9f8, client-request-id: 5bce2e9d-e859-4fb8-90b1-f18d2ebfe9f8, x-ms-ags-diagnostic: {\"ServerInfo\":{\"DataCenter\":\"Germany West Central\",\"Slice\":\"E\",\"Ring\":\"5\",\"ScaleUnit\":\"004\",\"RoleInstance\":\"FR2PEPF0000037B\"}}, WWW-Authenticate: Bearer realm=\"\", authorization_uri=\"https://login.microsoftonline.com/common/oauth2/authorize\", client_id=\"00000003-0000-0000-c000-000000000000\", Date: Wed, 04 Oct 2023 07:14:01 GMT], responseText:{\"error\":{\"code\":\"InvalidAuthenticationToken\",\"message\":\"CompactToken parsing failed with error code: 80049217\",\"innerError\":{\"date\":\"2023-10-04T07:14:02\",\"request-id\":\"5bce2e9d-e859-4fb8-90b1-f18d2ebfe9f8\",\"client-request-id\":\"5bce2e9d-e859-4fb8-90b1-f18d2ebfe9f8\"}}}, cookies:[], statusCode:401]\n","stream":"stdout","time":"2023-10-04T07:14:02.348532887Z"}

Createaccountjson Used:
{
"accountIdPath": "call1.message.id",
"dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
"responseColsToPropsMap": {
"displayName": "call1.message.displayName~#~char",
"name": "call1.message.userPrincipalName~#~char"
},
"call": [
{
"name": "call1",
"connection": "userAuth",
"url": "https://graph.microsoft.com/v1.0/users",
"httpMethod": "POST",
"httpParams": "{\"accountEnabled\":true,\"displayName\":\"${user.firstname}\",\"mailNickname\":\"${user.firstname}\",\"userPrincipalName\":\"${user.username}\",\"passwordProfile\":{\"forceChangePasswordNextSignIn\":true,\"password\":\"${password}\"}}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201,
204,
205
]
}
}
]
}

sudeshjaiswal · ‎10/04/2023

@Aashish-Handa The issue seems to be with the connection json, as token is not been parsed correctly,
Could you please share the connectiosn json.

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Aashish-Handa · ‎10/05/2023

Hi @sudeshjaiswal ,

PFA.

sudeshjaiswal · ‎10/05/2023

Hello @Aashish-Handa , @SumathiSomala ,

Please hide the confidential infoirmation while shareing anything on the forum, seems you have switch the client secret to client id and client id to client secret, I have shared you the json in the private message.
and please remove connections json asap!!

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

sudeshjaiswal · ‎10/06/2023

@Aashish-Handa Did the connectionsjson resolved your issue.

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Saviynt Forums

How to retrieve Tenant ID for SharePoint for Office 365?