Announcing the SAVIYNT KNOWLEDGE EXCHANGE unifying the Saviynt forums, documentation, training, and more in a single search tool across platforms. Click HERE to read the Announcement.

ImportAccountEnt JSON connection type

Badrul
New Contributor
New Contributor

Hi Support,

I need to import users and entitlements in ImportAccountEnt JSON, currently I'm using the connection of OAuth2 and have a token.

I am currently succeeded to import the users, but always getting 401 error when trying to import the groups.

Any suggestion for me to use the same token to get to call both of the users and group entitlement?

Thanks

4 REPLIES 4

SB
Saviynt Employee
Saviynt Employee

Can you share the ImportJson you are using. Ideally you need to define the Connection name under entitlementParams as well. Below is an example

{"accountParams": {
"connection": "userAuth",
"createUsers": false,
"processingType": "SequentialAndIterative"},
"entitlementParams": {
"connection": "userAuth",
"processingType": "SequentialAndIterative",


Regards,
Sahil

Badrul
New Contributor
New Contributor

This is the JSON that I'm using

{
"accountParams": {
"connection": "userAuth",
"processingType": "SequentialAndIterative",
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "<url>",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "results",
"keyField": "accountID",
"statusConfig": {
"active": "true",
"inactive": "false"
},
"colsToPropsMap": {
"accountID": "id~#~char",
"name": "email~#~char",
"displayName": "name~#~char",
"customproperty2": "email~#~char",
"customproperty3": "created_at~#~char",
"customproperty4": "updated_at~#~char",
"customproperty5": "role~#~char",
"status": "active~#~char",
"customproperty6": "last_login_at~#~char",
"customproperty7": "custom_role_id~#~char",
"customproperty8": "default_group_id~#~char",
"customproperty9": "created_at~#~char",
"customproperty10": "updated_at~#~char",
"customproperty11": "suspended~#~char",
"customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"
}
}
}
},
"entitlementParams": {
"connection": "userAuth",
"processingType": "SequentialAndIterative",
"entTypes": {
"Group": {
"entTypeOrder": 0,
"entTypeLabels": {
"customproperty1": "Deleted",
"customproperty2": "CreatedAt",
"customproperty3": "UpdatedAt"
},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "<url>",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "groups",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlementID": "id~#~char",
"entitlement_value": "name~#~char",
"customproperty1": "deleted~#~char",
"customproperty2": "created_at~#~char",
"customproperty3": "updated_at~#~char"
},
"disableDeletedEntitlements": true
}
}
}
}
},
"acctEntParams": {
"connection": "userAuth",
"entTypes": {
"Group": {
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"processingType": "httpEntToAcct",
"http": {
"httpHeaders": {
"Authorization": "${access_token}"
},
"url": "<url>${id}/memberships.json",
"httpContentType": "application/x-www-form-urlencoded",
"httpMethod": "GET"
},
"listField": "group_memberships",
"entKeyField": "entitlementID",
"acctIdPath": "user_id",
"acctKeyField": "accountID"
}
}
}
}
}
}

SB
Saviynt Employee
Saviynt Employee

In your Connection can you update the value for Config json param = {"showLogs":true} if not already added.

Run the job after adding the above entry and can you share the log entry where you get the error for import.

sahil_0-1677172107259.png

 


Regards,
Sahil

SB
Saviynt Employee
Saviynt Employee

Based on the logs you shared it does appear that the groups are getting imported. 

The first time app calls the url https://test-xxxxx.com.my/api/v3/cmp/groups/, we see a 401 error in logs due to Signature expiry but then after the retry we do get the information of Groups.

2023-02-24 01:19:20,683 [quartzScheduler_Worker-3] DEBUG rest.RestProvisioningService - Got Webservice API Response: [headers:[Date: Fri, 24 Feb 2023 01:19:20 GMT, Server: Apache, Strict-Transport-Security: max-age=31536000; includeSubDomains, X-Content-Type-Options: nosniff, Content-Length: 2773, Vary: Accept,Cookie, Allow: GET, POST, Cache-Control: max-age=0, X-XSS-Protection: 1; mode=block, Content-Security-Policy: frame-ancestors 'self' *.service-now.com, Keep-Alive: timeout=5, max=100, Connection: Keep-Alive, Content-Type: application/json, Set-Cookie: cookiesession1=678A3E0ECEGIKMNPRTVXZACEGIKLB7B1;Expires=Sat, 24 Feb 2024 01:19:20 GMT;Path=/;HttpOnly], responseText:{"_links":{"self":{"href":"/api/v3/cmp/groups/?page=1","title":"List of Groups - Page 1 of 11"},"next":{"href":"/api/v3/cmp/groups/?page=2","title":"Next List Page"}},"total":110,"count":10,"_embedded":{"groups":[{"_links":{"self":{"href":"/api/v3/cmp/groups/GRP-mk9lu43c/","title":""}},"name":"","id":"GRP-mk9lu43c","type":"Organization","rate":"0","autoApproval":false,"parent":{"href":"/api/v3/cmp/groups/GRP-9mnjfo5f/","title":"Managed Customers"}}


Regards,
Sahil