Click HERE to see how Saviynt Intelligence is transforming the industry. |
06/22/2023 12:36 AM - edited 06/22/2023 06:11 AM
I need help in constructing a JSON for importing a subset of accounts with entitlements from OKTA using REST connector, if someone in the forum has done this can you please share the JSON.
For Example: I want to import only accounts whose names start with test*
Solved! Go to Solution.
06/23/2023 12:24 PM
Are you able to call the url from postman. In case OKTA supports filter in url and you are able to call the same from Postman, it will also work from Saviynt. You just need to mention that url in the Import JSON. For samples of Import JSON, you can refer to the REST guide.
https://docs.saviyntcloud.com/bundle/REST-v23x/page/Content/Developers-Handbook.htm
06/28/2023 01:57 AM - edited 06/28/2023 02:00 AM
Hi @SB ,
We are able to url and filter accounts from Postman and we have used the same URL in the JSON. The Connection and Import job is successful but accounts are not fetched and we unable to find any error in the logs.
Kindly suggest.
Below are the Jsons:
ConnectionJSON:
{
"authentications":{
"acctAuth":{
"authType":"oauth2",
"httpHeaders":{
"contentType":"application/json",
"cleanUpTextContent":"true"
},
"authError":[
"InvalidAuthenticationToken",
"AuthenticationFailed"
],
"url":"https://trial-<Number>-admin.okta.com/api/v1",
"httpMethod":"POST",
"httpContentType":"application/json",
"errorPath":"error.code",
"maxRefreshTryCount":5,
"tokenResponsePath":"access_token",
"tokenType":"SSWS",
"authHeaderName":"Authorization",
"accessToken":"SSWS <Token>",
"retryFailureStatusCode":[
]
}
}
}
ImportAccountEntJson:
{
"accountParams": {
"connection": "acctAuth",
"createUsers": true,
"adminName": "admin",
"processingType": "SequentialAndIterative",
"statusAndThresholdConfig": {
"deleteLinks": false,
"accountThresholdValue": 30,
"correlateInactiveAccounts": false,
"inactivateAccountsNotInFile": false,
"deleteAccEntForActiveAccounts": true
},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://trial-<Number>-admin.okta.com/v1/users",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "users",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "id~#~char",
"name": "id~#~char"
},
"disableDeletedAccounts": true
},
"call2": {
"callOrder": 1,
"stageNumber": 3,
"http": {
"url": "https://trial-<Number>-admin.okta.com/v1/user/${accountName}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"inputParams": {
"dependentCall": true
},
"listField": "",
"keyField": "accountID",
"nextApiKeyField": "accountID",
"colsToPropsMap": {
"accountID": "id~#~char",
"name": "username~#~char",
"customproperty1": "emailId~#~char",
"customproperty2": "lastName~#~char",
"customproperty3": "company~#~char",
"customproperty4": "timezone~#~char",
"customproperty5": "defaultEndpoint~#~char",
"customproperty6": "lastLogin~#~char"
}
}
}
}
}
06/28/2023 09:34 AM
Can you update ConfigJSON param in the REST connection with value {"showLogs":true} and then run the job. Look for the below 2 strings in the logs and this will help identify the error.
Calling Webservice Url - this will display the Call url with the body being sent from Saviynt.
Got Webservice API Response - this will display the response we get from target.