Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

ImportAccountEntJSON in REST connector for OKTA

jayendraraju
New Contributor III
New Contributor III

I need help in constructing a JSON for importing a subset of accounts with entitlements from OKTA using REST connector, if someone in the forum has done this can you please share the JSON.

For Example: I want to import only accounts whose names start with test*

3 REPLIES 3

SB
Saviynt Employee
Saviynt Employee

Are you able to call the url from postman. In case OKTA supports filter in url and you are able to call the same from Postman, it will also work from Saviynt. You just need to mention that url in the Import JSON. For samples of Import JSON, you can refer to the REST guide.

https://docs.saviyntcloud.com/bundle/REST-v23x/page/Content/Developers-Handbook.htm


Regards,
Sahil

jayendraraju
New Contributor III
New Contributor III

Hi @SB ,

We are able to url and filter accounts from Postman and we have used the same URL in the JSON. The Connection and Import job is successful but accounts are not fetched and we unable to find any error in the logs.

Kindly suggest.

Below are the Jsons:

ConnectionJSON:

{
"authentications":{
"acctAuth":{
"authType":"oauth2",
"httpHeaders":{
"contentType":"application/json",
"cleanUpTextContent":"true"
},
"authError":[
"InvalidAuthenticationToken",
"AuthenticationFailed"
],
"url":"https://trial-<Number>-admin.okta.com/api/v1",
"httpMethod":"POST",
"httpContentType":"application/json",
"errorPath":"error.code",
"maxRefreshTryCount":5,
"tokenResponsePath":"access_token",
"tokenType":"SSWS",
"authHeaderName":"Authorization",
"accessToken":"SSWS <Token>",
"retryFailureStatusCode":[

]
}
}
}

ImportAccountEntJson:

{
"accountParams": {
"connection": "acctAuth",
"createUsers": true,
"adminName": "admin",
"processingType": "SequentialAndIterative",
"statusAndThresholdConfig": {
"deleteLinks": false,
"accountThresholdValue": 30,
"correlateInactiveAccounts": false,
"inactivateAccountsNotInFile": false,
"deleteAccEntForActiveAccounts": true
},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://trial-<Number>-admin.okta.com/v1/users",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "users",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "id~#~char",
"name": "id~#~char"
},
"disableDeletedAccounts": true
},
"call2": {
"callOrder": 1,
"stageNumber": 3,
"http": {
"url": "https://trial-<Number>-admin.okta.com/v1/user/${accountName}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"inputParams": {
"dependentCall": true
},
"listField": "",
"keyField": "accountID",
"nextApiKeyField": "accountID",
"colsToPropsMap": {
"accountID": "id~#~char",
"name": "username~#~char",
"customproperty1": "emailId~#~char",
"customproperty2": "lastName~#~char",
"customproperty3": "company~#~char",
"customproperty4": "timezone~#~char",
"customproperty5": "defaultEndpoint~#~char",
"customproperty6": "lastLogin~#~char"
}
}
}
}
}

 

SB
Saviynt Employee
Saviynt Employee

Can you update ConfigJSON param in the REST connection with value {"showLogs":true} and then run the job. Look for the below 2 strings in the logs and this will help identify the error.

Calling Webservice Url - this will display the Call url with the body being sent from Saviynt.

Got Webservice API Response - this will display the response we get from target.


Regards,
Sahil