Saviynt Forums

nbillu · ‎04/12/2024

Hi Team,

We have Oauth2.0 authentication to generate access_token for EC_NOV application. When we run the job to import account, we are getting 401 error. I have raised a ticket before for the same https://forums.saviynt.com/t5/identity-governance/rest-connector-token-is-not-re-generated-after-it-...

Connection Json :

{

"authentications": {

"acctAuth": {

"authType": "oauth2",

"url": "https://",

"httpMethod": "POST",

"httpParams": {

"username": "******",

"password": "******",

"grant_type": "******",

"client_id": "*******",

"client_secret": "*****"

},

"httpHeaders": {

"contentType": "application/x-www-form-urlencoded"

},

"httpContentType": "application/x-www-form-urlencoded",

"expiryError": "ExpiredAuthenticationToken",

"authError": [

"InvalidAuthenticationToken"

],

"timeOutError": "Read timed out",

"errorPath": "error.code",

"maxRefreshTryCount": 5,

"tokenResponsePath": "access_token",

"tokenType": "Bearer",

"accessToken": "Bearer abc",

"testConnectionParams": {

"http": {

"url": "https://",

"httpHeaders": {

"Authorization": "${access_token}"

},

"httpContentType": "application/json",

"httpMethod": "GET"

},

"successResponse": [],

"successResponsePath": "responseText",

"errors": [

"Couldn't authenticate you"

],

"retryFailureStatusCode": [

400,

401,

403,

500

],

"errorPath": "error"

}

}

Please let me if you have any other suggestions on this.

sudeshjaiswal · ‎04/15/2024

Hello @nbillu,

Could you please share the Postman Screenshot and also where are you passing the username and password, as i dont see in the previous fourm post, are the both same application.
Can you please enable the showlog= true and share the logs.

And also confirm which application you are trying to connect.

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

nbillu · ‎04/16/2024

Hi @sudeshjaiswal

I am trying to connect to EC_NOV application. attaching the postman screenshot and Few logs

Application name : EC_NOV

2024-04-16T15:42:27+05:30-ecm-services.HttpClientUtilityService-http-nio-8080-exec-29-4wm4t-DEBUG-called executeGetRequestWithHeaders for api...

2024-04-16T15:42:27+05:30-ecm-services.HttpClientUtilityService-http-nio-8080-exec-29-4wm4t-DEBUG-after calling executeRequestWithHeaders for api...

2024-04-16T15:42:27+05:30-ecm-services.HttpClientUtilityService-http-nio-8080-exec-29-4wm4t-DEBUG-called api...

2024-04-16T15:42:27+05:30-ecm-services.HttpClientUtilityService-http-nio-8080-exec-29-4wm4t-DEBUG-timeout validated for api...

2024-04-16T15:42:27+05:30-ecm-services.HttpClientUtilityService-http-nio-8080-exec-29-4wm4t-DEBUG-got response for api...

2024-04-16T15:42:27+05:30-ecm-rest.RestUtilService-http-nio-8080-exec-29-4wm4t-DEBUG-Got showLogs = true

2024-04-16T15:42:27+05:30-ecm-rest.RestProvisioningService-http-nio-8080-exec-29-4wm4t-DEBUG-Got Webservice API Response: [headers:[Content-Type: text/html;charset=UTF-8, Set-Cookie=******/; HttpOnly; Secure, WWW-Authenticate: Bearer realm="energyx", error="invalid_token", error_description="Failed to parse JWT", X-Frame-Options: SAMEORIGIN, Date: Tue, 16 Apr 2024 10:12:27 GMT], responseText:<html><head><title>Error</title></head><body>Unauthorized</body></html>, cookies:[ECSERVERUSED=bbecf2906292b8a3; Path=/; HttpOnly; Secure], statusCode:401]

2024-04-16T15:42:27+05:30-ecm-rest.RestUtilService-http-nio-8080-exec-29-4wm4t-DEBUG-pullObjectsByRest - responseStatusCode ::401

2024-04-16T15:42:27+05:30-ecm-rest.RestProvisioningService-http-nio-8080-exec-29-4wm4t-DEBUG-Entered getResponseHeaders method

2024-04-16T15:42:27+05:30-ecm-rest.RestProvisioningService-http-nio-8080-exec-29-4wm4t-DEBUG-responseError : null

2024-04-16T15:42:27+05:30-ecm-rest.RestProvisioningService-http-nio-8080-exec-29-4wm4t-DEBUG-isAuthError: false

sudeshjaiswal · ‎04/17/2024

Hello @nbillu,
Please try with the below sample and share the debug logs, also add the testconnectionsparams to make sure the connectiosn is working fine.

{
	"authentications": {
		"acctAuth": {
			"authType": "oauth2",
			"url": "https://{URL}",
			"httpMethod": "POST",
			"httpParams": {
				"username": "******",
				"password": "******",
				"grant_type": "******",
				"client_id": "*******",
				"client_secret": "*****",
				"new_token": "true"
			},
			"httpHeaders": {
				"Content-Type": "application/x-www-form-urlencoded"
			},
			"authError": [
				"InvalidAuthenticationToken",
				"AuthenticationFailed",
				"Failed to parse JWT",
				"invalid_token"
			],
			"httpContentType": "application/x-www-form-urlencoded",
			"errorPath": "error.code",
			"maxRefreshTryCount": 5,
			"tokenResponsePath": "access_token",
			"tokenType": "Bearer",
			"retryFailureStatusCode": [
				401
			],
			"accessToken": "Bearer ABCD"
		}
	}
}

Thanks

If you find the above response useful, Kindly Mark it as "Accept As Solution".

rushikeshvartak · ‎04/17/2024

@sudeshjaiswal Application uses refresh token not access token. Access token expiry is 5 minutes . URL for refresh token and access token are same.

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sudeshjaiswal · ‎04/17/2024

Hello @rushikeshvartak @nbillu,

Did you try using basic instead of auth,

{
	"authentications": {
		"acctAuth": {
			"authType": "oauth2", -- try Basic
			"url": "https://{URL}",
			"httpMethod": "POST",
			"httpParams": {				
				"grant_type": "******",
				"client_id": "*******",
				"client_secret": "*****"
			},
			"httpHeaders": {
				"Content-Type": "application/x-www-form-urlencoded",
				"Authorization": "Basic XXXXX"  --you need to use username & password and get the encrypted string from postman
			},
			"authError": [
				"InvalidAuthenticationToken"
			],
			"timeOutError": "Read timed out",
			"errorPath": "error.code",
			"maxRefreshTryCount": 5,
			"tokenResponsePath": "access_token",
			"tokenType": "Bearer",
			"accessToken": "abcdefg",
				"testConnectionParams": {
				"http": {
					"url": "XXXX",
					"httpHeaders": {
						"Authorization": "${access_token}"
					},
					"httpContentType": "application/json",
					"httpMethod": "GET",
					"successResponses": {
						"message": [
							"Process completed successfully"
						]
					},
					"successResponsePath": "",
					"errors": [
						"Couldn't authenticate you"
					],
					"errorPath": "error"
				}
			}
		}
	}
}

Thanks,

If you find the above response useful, Kindly Mark it as "Accept As Solution".

rushikeshvartak · ‎04/17/2024

Its not basic auth , Its oauth2

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

rushikeshvartak · ‎05/15/2024

You need to upload public certificate in certificates management to resolve issue and perform restart

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Saviynt Forums

Issue for Token generation with REST Connection