Saviynt Forums

jayendraraju · ‎06/22/2023

I need help in constructing a JSON for importing a subset of accounts with entitlements from OKTA using REST connector, if someone in the forum has done this can you please share the JSON.

For Example: I want to import only accounts whose names start with test*

SB · ‎06/23/2023

Are you able to call the url from postman. In case OKTA supports filter in url and you are able to call the same from Postman, it will also work from Saviynt. You just need to mention that url in the Import JSON. For samples of Import JSON, you can refer to the REST guide.

https://docs.saviyntcloud.com/bundle/REST-v23x/page/Content/Developers-Handbook.htm

Regards,
Sahil

jayendraraju · ‎06/28/2023

Hi @SB ,

We are able to url and filter accounts from Postman and we have used the same URL in the JSON. The Connection and Import job is successful but accounts are not fetched and we unable to find any error in the logs.

Kindly suggest.

Below are the Jsons:

ConnectionJSON:

{
"authentications":{
"acctAuth":{
"authType":"oauth2",
"httpHeaders":{
"contentType":"application/json",
"cleanUpTextContent":"true"
},
"authError":[
"InvalidAuthenticationToken",
"AuthenticationFailed"
],
"url":"https://trial-<Number>-admin.okta.com/api/v1",
"httpMethod":"POST",
"httpContentType":"application/json",
"errorPath":"error.code",
"maxRefreshTryCount":5,
"tokenResponsePath":"access_token",
"tokenType":"SSWS",
"authHeaderName":"Authorization",
"accessToken":"SSWS <Token>",
"retryFailureStatusCode":[

]
}
}
}

ImportAccountEntJson:

{
"accountParams": {
"connection": "acctAuth",
"createUsers": true,
"adminName": "admin",
"processingType": "SequentialAndIterative",
"statusAndThresholdConfig": {
"deleteLinks": false,
"accountThresholdValue": 30,
"correlateInactiveAccounts": false,
"inactivateAccountsNotInFile": false,
"deleteAccEntForActiveAccounts": true
},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://trial-<Number>-admin.okta.com/v1/users",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "users",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "id~#~char",
"name": "id~#~char"
},
"disableDeletedAccounts": true
},
"call2": {
"callOrder": 1,
"stageNumber": 3,
"http": {
"url": "https://trial-<Number>-admin.okta.com/v1/user/${accountName}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"inputParams": {
"dependentCall": true
},
"listField": "",
"keyField": "accountID",
"nextApiKeyField": "accountID",
"colsToPropsMap": {
"accountID": "id~#~char",
"name": "username~#~char",
"customproperty1": "emailId~#~char",
"customproperty2": "lastName~#~char",
"customproperty3": "company~#~char",
"customproperty4": "timezone~#~char",
"customproperty5": "defaultEndpoint~#~char",
"customproperty6": "lastLogin~#~char"
}
}
}
}
}

SB · ‎06/28/2023

Can you update ConfigJSON param in the REST connection with value {"showLogs":true} and then run the job. Look for the below 2 strings in the logs and this will help identify the error.

Calling Webservice Url - this will display the Call url with the body being sent from Saviynt.

Got Webservice API Response - this will display the response we get from target.

Regards,
Sahil

Saviynt Forums

ImportAccountEntJSON in REST connector for OKTA