Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Issue for Token generation with REST Connection

nbillu
New Contributor II
New Contributor II

Hi Team,

We have Oauth2.0 authentication to generate access_token for EC_NOV application. When we run the job to import account, we are getting 401 error. I have raised a ticket before for the same https://forums.saviynt.com/t5/identity-governance/rest-connector-token-is-not-re-generated-after-it-... 

Connection Json :

{
  "authentications": {
    "acctAuth": {
      "authType": "oauth2",
            "url": "https://",
"httpMethod": "POST",
            "httpParams": {
               "username": "******",
                "password": "******",
                "grant_type": "******",
                "client_id": "*******",
                "client_secret": "*****"
            },
      "httpHeaders": {
        "contentType": "application/x-www-form-urlencoded"
      },
      "httpContentType": "application/x-www-form-urlencoded",
      "expiryError": "ExpiredAuthenticationToken",
      "authError": [
        "InvalidAuthenticationToken"
      ],
      "timeOutError": "Read timed out",
      "errorPath": "error.code",
      "maxRefreshTryCount": 5,
      "tokenResponsePath": "access_token",
      "tokenType": "Bearer",
      "accessToken": "Bearer abc",
  "testConnectionParams": {
        "http": {
          "url": "https://",
          "httpHeaders": {
            "Authorization": "${access_token}"
          },
          "httpContentType": "application/json",
          "httpMethod": "GET"
        },
        "successResponse": [],
        "successResponsePath": "responseText",
        "errors": [
          "Couldn't authenticate you"
        ],
        "retryFailureStatusCode": [
          400,
          401,
          403,
          500
        ],
        "errorPath": "error"
      }
    }
  }
}

Please let me if you have any other suggestions on this.  
7 REPLIES 7

sudeshjaiswal
Saviynt Employee
Saviynt Employee

Hello @nbillu,

Could you please share the Postman Screenshot and also where are you passing the username and password, as i dont see in the previous fourm post, are the both same application.
Can you please enable the showlog= true and share the logs.

And also confirm which application you are trying to connect.

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Hi @sudeshjaiswal 

I am trying to connect to EC_NOV application. attaching the postman screenshot and Few logs 

Application name : EC_NOV

nbillu_1-1713263061194.png

nbillu_2-1713263363412.png

 

2024-04-16T15:42:27+05:30-ecm-services.HttpClientUtilityService-http-nio-8080-exec-29-4wm4t-DEBUG-called executeGetRequestWithHeaders for api...
 
2024-04-16T15:42:27+05:30-ecm-services.HttpClientUtilityService-http-nio-8080-exec-29-4wm4t-DEBUG-after calling executeRequestWithHeaders for api...
 
2024-04-16T15:42:27+05:30-ecm-services.HttpClientUtilityService-http-nio-8080-exec-29-4wm4t-DEBUG-called api...
 
2024-04-16T15:42:27+05:30-ecm-services.HttpClientUtilityService-http-nio-8080-exec-29-4wm4t-DEBUG-timeout validated for api...
 
2024-04-16T15:42:27+05:30-ecm-services.HttpClientUtilityService-http-nio-8080-exec-29-4wm4t-DEBUG-got response for api...
 
2024-04-16T15:42:27+05:30-ecm-rest.RestUtilService-http-nio-8080-exec-29-4wm4t-DEBUG-Got showLogs = true
 
2024-04-16T15:42:27+05:30-ecm-rest.RestProvisioningService-http-nio-8080-exec-29-4wm4t-DEBUG-Got Webservice API Response: [headers:[Content-Type: text/html;charset=UTF-8, Set-Cookie=******/; HttpOnly; Secure, WWW-Authenticate: Bearer realm="energyx", error="invalid_token", error_description="Failed to parse JWT", X-Frame-Options: SAMEORIGIN, Date: Tue, 16 Apr 2024 10:12:27 GMT], responseText:<html><head><title>Error</title></head><body>Unauthorized</body></html>, cookies:[ECSERVERUSED=bbecf2906292b8a3; Path=/; HttpOnly; Secure], statusCode:401]
 
2024-04-16T15:42:27+05:30-ecm-rest.RestUtilService-http-nio-8080-exec-29-4wm4t-DEBUG-pullObjectsByRest - responseStatusCode ::401
 
2024-04-16T15:42:27+05:30-ecm-rest.RestProvisioningService-http-nio-8080-exec-29-4wm4t-DEBUG-Entered getResponseHeaders method
 
2024-04-16T15:42:27+05:30-ecm-rest.RestProvisioningService-http-nio-8080-exec-29-4wm4t-DEBUG-responseError : null
 
2024-04-16T15:42:27+05:30-ecm-rest.RestProvisioningService-http-nio-8080-exec-29-4wm4t-DEBUG-isAuthError: false

Hello @nbillu,
Please try with the below sample and share the debug logs, also add the testconnectionsparams to make sure the connectiosn is working fine.

{
	"authentications": {
		"acctAuth": {
			"authType": "oauth2",
			"url": "https://{URL}",
			"httpMethod": "POST",
			"httpParams": {
				"username": "******",
				"password": "******",
				"grant_type": "******",
				"client_id": "*******",
				"client_secret": "*****",
				"new_token": "true"
			},
			"httpHeaders": {
				"Content-Type": "application/x-www-form-urlencoded"
			},
			"authError": [
				"InvalidAuthenticationToken",
				"AuthenticationFailed",
				"Failed to parse JWT",
				"invalid_token"
			],
			"httpContentType": "application/x-www-form-urlencoded",
			"errorPath": "error.code",
			"maxRefreshTryCount": 5,
			"tokenResponsePath": "access_token",
			"tokenType": "Bearer",
			"retryFailureStatusCode": [
				401
			],
			"accessToken": "Bearer ABCD"
		}
	}
}

 Thanks

If you find the above response useful, Kindly Mark it as "Accept As Solution".

@sudeshjaiswal  Application uses refresh token not access token. Access token expiry is 5 minutes . URL for refresh token and access token are same.


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Hello @rushikeshvartak @nbillu,

Did you try using basic instead of auth,

{
	"authentications": {
		"acctAuth": {
			"authType": "oauth2", -- try Basic
			"url": "https://{URL}",
			"httpMethod": "POST",
			"httpParams": {				
				"grant_type": "******",
				"client_id": "*******",
				"client_secret": "*****"
			},
			"httpHeaders": {
				"Content-Type": "application/x-www-form-urlencoded",
				"Authorization": "Basic XXXXX"  --you need to use username & password and get the encrypted string from postman
			},
			"authError": [
				"InvalidAuthenticationToken"
			],
			"timeOutError": "Read timed out",
			"errorPath": "error.code",
			"maxRefreshTryCount": 5,
			"tokenResponsePath": "access_token",
			"tokenType": "Bearer",
			"accessToken": "abcdefg",
				"testConnectionParams": {
				"http": {
					"url": "XXXX",
					"httpHeaders": {
						"Authorization": "${access_token}"
					},
					"httpContentType": "application/json",
					"httpMethod": "GET",
					"successResponses": {
						"message": [
							"Process completed successfully"
						]
					},
					"successResponsePath": "",
					"errors": [
						"Couldn't authenticate you"
					],
					"errorPath": "error"
				}
			}
		}
	}
}



Thanks,

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Its not basic auth , Its oauth2 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

You need to upload public certificate in certificates management to resolve issue and perform restart


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.