Click HERE to see how Saviynt Intelligence is transforming the industry. |
10/22/2024 04:23 AM
We have an issue where we are trying to use the REST connection for provisioning actions for redhatIDM where we can't get the connectionJSON to work correctly to pass the cookie.
We've tested this using curl commands both the api call to request a cookie and then using the cookie that is sent back in subsequent api calls to show/modify users etc all work. As does hard coding the cookie into the connectionJSON.
We're testing that the connection is working correctly by trying to disable an account.
I've included the connectionJSON and the disable account JSON below...
ConnectionJSON
{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"url": "https://<url>/ipa/session/login_password",
"httpMethod": "POST",
"httpParams": {
"user": "<username>",
"password": "<password>"
},
"httpHeaders": {
"Accept":"text/html",
"Content-Type": "application/x-www-form-urlencoded",
"Referer": "https://<url>/ipa"
},
"httpContentType": "application/x-www-form-urlencoded",
"expiryError": "ExpiredAuthenticationToken",
"authError": [
"USER_AUTHENTICATION_FAILED"
],
"timeOutError": "error",
"errorPath": "error",
"maxRefreshTryCount": 3,
"tokenResponsePath": "#HEADERS#Set-Cookie",
"tokenType": "",
"authHeaderName": "Cookie",
"retryFailureStatusCode": [
401
],
"accessToken": "<token>"
}
}
}
DisableAccountJSON
{
"call": [
{
"name": "call1",
"connection": "acctAuth",
"url": "https://<url>/ipa/session/json",
"httpMethod": "POST",
"httpParams": "{ \"method\": \"user_mod\", \"params\": [ [\"idm_fedtest_03\"], { \"nsaccountlock\": true, \"version\": \"2.251\" } ] }",
"httpHeaders": {
"Cookie": "${access_token}",
"Accept": "application/json",
"Content-Type": "application/json",
"Referer": "https://<url>/ipa"
},
"httpContentType": "application/json"
}
]
}
Working CURL command to get cookie
curl -v -X POST https://<url>/ipa/session/login_password -H "Accept: text/html" -H "Content-Type: application/x-www-form-urlencoded" -H "Referer: https://<url>/ipa" -d "user=<username>&password=<password>
Working CURL command to show user/modify user
curl -X POST https://<url>/ipa/session/json -H "Accept: application/json" -H "Content-Type: application/json" -H "Referer: https://<url>/ipa" -H "Cookie:<cookie>" -d @data2.json
Contents is data2.json
{
"method": "user_show",
"params": [
[
"idm_fedtest_03"
],
{
"all": true,
"version": "2.251"
}
],
"id": 0
}
Solved! Go to Solution.
10/22/2024 04:29 AM
reply from the get cookie curl command is as below
Server: Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1k mod_auth_gssapi/1.6.1 mod_wsgi/4.6.4 Python/3.6
< Set-Cookie: <cookie_value>/ipa;httponly;secure;
10/22/2024 06:27 AM
Please share postman screenshot
10/22/2024 08:31 AM
The API tests we not conducted using postman but were performed in a CLI application running directly on a jumpbox due to networking issues.
However we've resolved the issue and found it was due to a missing successresponce part in the JSON adding
10/22/2024 08:33 AM
If you can update response with full working json that will help community