Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Multiple call(GET and Post) in same create account json

JPMac
Regular Contributor
Regular Contributor

We are trying to design a complex provisioning connection to Azure AD with the following conditions:

  • Call1: Use the GET method to retrieve users from a specific domain.
  • Call2: Execute only if no value is returned from Call1 message.
  • Call3: Execute regardless of the results of Call1 and Call2.

However, an error at the end of the script is preventing successful provisioning.

Is it even permissible to include a GET method in the CreateAccountJSON? Could someone provide advice on this?

Here is the JSON configuration:

 
======CreateAccountJSON======
{
    "accountIdPath": "call2.message.invitedUser.id",
    "dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
    "responseColsToPropsMap": {
        "displayName": "call2.message.invitedUserDisplayName~#~char",
        "name": "call2.message.userPrincipalName~#~char"
    },
    "call": [
        {
            "name": "call1",
            "connection": "userAuth",
            "httpMethod": "GET",
            "httpParams": {},
            "httpHeaders": {
                "Authorization": "${access_token}",
                "Content-Type": "application/json"
            },
            "httpContentType": "application/json",
            "successResponses": {
                "statusCode": [
                    200,
                    201,
                    204,
                    205
                ]
            }
        },
        {
            "name": "call2",
            "connection": "userAuth",
            "httpMethod": "POST",
            "httpParams": "{\"invitedUserEmailAddress\":\"${user.email}\",\"invitedUserDisplayName\":\"${user.firstname}\", \"inviteRedirectUrl\":\"https://portal.azure.com\", \"invitedUserType\": \"Guest\", \"sendInvitationMessage\":\"true\"}",
            "httpHeaders": {
                "Authorization": "${access_token}",
                "Content-Type": "application/json"
            },
            "httpContentType": "application/json",
            "callCondition": "!${response.call1.message.value.id}",
            "successResponses": {
                "statusCode": [
                    200,
                    201,
                    204,
                    205
                ]
            },
            "unsuccessResponses": {
                "error.code": [
                    "Request_BadRequest",
                    "Authentication_MissingOrMalformed",
                    "Request_ResourceNotFound",
                    "Authorization_RequestDenied",
                    "Authentication_Unauthorized",
                    "BadRequest"
                ]
            }
        },
        {
            "name": "call3",
            "connection": "userAuth",
            "httpMethod": "PATCH",
            "httpParams": "{\"givenname\": \"${user.firstname}\",\"surname\":\"${user.lastname}\",\"displayName\":\"${user.lastname}, ${user.firstname}\",\"city\":\"${user.startdate}/${user.enddate}\",\"country\": \"SAVI\",\"postalcode\": \"${user.startdate.format('yyyy/MM/dd')}/${user.enddate.format('yyyy/MM/dd')}\"}",
            "httpHeaders": {
                "Authorization": "${access_token}"
            },
            "httpContentType": "application/json",
            "successResponses": {
                "statusCode": [
                    200,
                    201,
                    204,
                    205
                ]
            }
        }
    ]
}
===============================
 
Error Message
{"call1":{"message":"No signature of method: com.saviynt.provisoning.rest.RestUtilService.getDynamicBindString() is applicable for argument types: (java.util.LinkedHashMap, java.util.HashMap) values: [[:], [ServiceAccountOwnerMap:[:], endpointsObj:AzureAD_Couple1, ...]]\nPossible solutions: getDynamicBindString(java.lang.String, java.util.Map)","status":"Failed"}}
16 REPLIES 16

adriencosson
Valued Contributor
Valued Contributor

Hi @JPMac,

Seems that you cannot just do "callCondition": "!${response.call1.message.value.id}" as it must return a boolean to execute the call.

Hence you might use something like : "callCondition": "${null!=response.call1.message?.value?.id}"

Hope this helps.

Regards,
Adrien COSSON

rushikeshvartak
All-Star
All-Star

You can use callcondition or connection name logic

refer https://forums.saviynt.com/t5/identity-governance/make-second-call-depending-on-call1-response-messa...

https://forums.saviynt.com/t5/identity-governance/skip-the-service-now-ticket-creation-if-task-sourc...


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

JPMac
Regular Contributor
Regular Contributor

@rushikeshvartak , @adriencosson 

Thanks for your response.

I edited the JSON as follows:

  • call1: Create an invited user
  • call2: If the error message "Non-external user already exists with the given mail address and can't be invited." is outputted in call1, use the URL for regular updates. If call1 successfully creates an account, use the response ID from call1.

CreateAccountJson

{
    "accountIdPath": "accountName",
    "dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
    "responseColsToPropsMap": {},
    "call": [
        {
            "name": "call1",
            "connection": "userAuth",
            "httpMethod": "POST",
            "httpParams": "{\"invitedUserEmailAddress\":\"${user.email}\",\"invitedUserDisplayName\":\"${user.firstname}\", \"inviteRedirectUrl\":\"https://portal.azure.com\", \"invitedUserType\": \"Guest\", \"sendInvitationMessage\":\"true\"}",
            "httpHeaders": {
                "Authorization": "${access_token}",
                "Content-Type": "application/json"
            },
            "httpContentType": "application/json",
            "successResponses": {
                "statusCode": [
                    200,
                    201,
                    204,
                    205
                ]
            },
            "unsuccessResponses": {
                "error.code": [
                    "Request_BadRequest",
                    "Authentication_MissingOrMalformed",
                    "Request_ResourceNotFound",
                    "Authorization_RequestDenied",
                    "Authentication_Unauthorized",
                    "BadRequest"
                ]
            }
        },
        {
            "name": "call2",
            "connection": "userAuth",
            "url": "${response.call1.message.error.message == 'Non-external user already exists with the given mail address and can't be invited.'?'https://graph.microsoft.com/v1.0/users/${account.accountID}':'https://graph.microsoft.com/v1.0/users...}'}",
            "httpMethod": "PATCH",
            "httpParams": "{\"givenname\": \"${user.firstname}\",\"surname\":\"${user.lastname}\",\"displayName\":\"${user.lastname}, ${user.firstname}\",\"city\":\"${user.startdate}/${user.enddate}\",\"country\": \"SAVI\",\"postalcode\": \"${user.startdate.format('yyyy/MM/dd')}/${user.enddate.format('yyyy/MM/dd')}\"}",
            "httpHeaders": {
                "Authorization": "${access_token}"
            },
            "httpContentType": "application/json",
            "successResponses": {
                "statusCode": [
                    200,
                    201,
                    204,
                    205
                ]
            }
        }
    ]
}

When creating a new account, I am still getting the following error.

error

{"call1":{"headers":"gHbT2dtDnQxurBrcCkvNqqP0cq4FT6ZSWvASI1nGTwRDSsanUBJ0fyKwBTkZ/4AloBp8ib5gdCvDcUPnk3aTo/jgygu1wLzBIt+6wX7XZyKSQGSSlh0LPPOGBEps0U1A/v9NXHHzwL/QNNTM2/t1z4qqK/Lwg2lZ8DQFZ+QqVARFan6MWdUwsFwyN5uiYze3t0oCcHODQCSfgQhSuh94nQusNkHoYEdYY53GxzzU+gwfna59GGBOAPNwwNAOfkia5UAJf/iruumQ/Y3ooAcg7GBw+RVkeDVf9rLIr5HHpjVsw1h92Mj5d+C7jI+uQBRsNfGtGurJBN+7QcyH08WeQ50EmAh133H55kjJHAzaWtLmtqb3IMrRslwhpD2p/4XZ39PoZC7Qh4qSsoAsQ7Ptry/ODeFWQ8/OGQiUDc19hLyxVBd1OfzQYiiOrPTdV1YaMYlxie/Tx/JOU+94bd5jiIjaoUyD39nSDu6Olmp0J69Q+ZrYmZtBXYQx/f6GFHFCcySKL+XWyUJ+MkxgNAZp/rl0Lil8ZgX1xMxL0DXnvgrr9AD3L/rIt2HES7BqWtYffqvch1/M/0wAIV/6Ky3sV2WsDOVb8/5ZMWeuB66JMDXAmzSnc1Kmt0wbfQ7y4jRW2a/HGpSLJ/cbd8yaRKxUNDZ/3vzhCIa+VMb/3VBiaLrn7gUz0X6d+KWkpKTZY5oVu/El4yQzuLwINy4o8ru2xvVNmSc50FfI1yiGANDMcaWCqCzepjPFIK4IJzrlLruyxOSNk8VfTk+Rb0jWzpWzo/YKPNKVCqZmngZ55txYiRxWnbNOc7xXcOSp4PbIPmuQL0WCNJ8aRomi5u8ZooV/YQRZdzfjWCnAonxwVLS6GB0=","message":{"@odata.context":"https://graph.microsoft.com/v1.0/$metadata#invitations/$entity","id":"48af30c0-68b8-4f58-b7ef-7aad835ede11","inviteRedeemUrl":"https://login.microsoftonline.com/redeem?rd=https%3a%2f%2finvitations.microsoft.com%2fredeem%2f%3fte...","invitedUserDisplayName":"John","invitedUserType":"Guest","invitedUserEmailAddress":"m12827132@macsaviynt.local","sendInvitationMessage":true,"resetRedemption":false,"inviteRedirectUrl":"https://portal.azure.com/","status":"PendingAcceptance","invitedUserMessageInfo":{"messageLanguage":null,"customizedMessageBody":null,"ccRecipients":[{"emailAddress":{"name":null,"address":null}}]},"invitedUser":{"id":"3e2337f1-b219-41a3-b7fa-9de232d46438"}},"statusCode":201,"description":null,"status":"Success"},"call2":{"headers":null,"message":"","statusCode":null,"description":null,"status":"Failed"}}

Could you provide advice on how to write the URL for call2?

{
    "accountIdPath": "accountName",
    "dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
    "responseColsToPropsMap": {},
    "call": [
        {
            "name": "call1",
            "connection": "userAuth",
            "url": "https://graph.microsoft.com/v1.0/invitations",
            "httpMethod": "POST",
            "httpParams": "{\"invitedUserEmailAddress\":\"${user.email}\",\"invitedUserDisplayName\":\"${user.firstname}\", \"inviteRedirectUrl\":\"https://portal.azure.com\", \"invitedUserType\": \"Guest\", \"sendInvitationMessage\":\"true\"}",
            "httpHeaders": {
                "Authorization": "${access_token}",
                "Content-Type": "application/json"
            },
            "httpContentType": "application/json",
            "successResponses": {
                "statusCode": [
                    200,
                    201,
                    204,
                    205
                ]
            },
            "unsuccessResponses": {
                "error.code": [
                    "Request_BadRequest",
                    "Authentication_MissingOrMalformed",
                    "Request_ResourceNotFound",
                    "Authorization_RequestDenied",
                    "Authentication_Unauthorized",
                    "BadRequest"
                ]
            }
        },
        {
            "name": "call2",
            "connection": "userAuth",
            "url": "${response.call1.statusCode == 201 ? 'https://graph.microsoft.com/v1.0/users/' + response.call1.message.invitedUser.id : 'https://graph.microsoft.com/v1.0/users/' + account.accountID}",
            "httpMethod": "PATCH",
            "httpParams": "{\"givenname\": \"${user.firstname}\",\"surname\":\"${user.lastname}\",\"displayName\":\"${user.lastname}, ${user.firstname}\",\"city\":\"${user.startdate}/${user.enddate}\",\"country\": \"SAVI\",\"postalcode\": \"${user.startdate.format('yyyy/MM/dd')}/${user.enddate.format('yyyy/MM/dd')}\"}",
            "httpHeaders": {
                "Authorization": "${access_token}"
            },
            "httpContentType": "application/json",
            "successResponses": {
                "statusCode": [
                    200,
                    201,
                    204,
                    205
                ]
            }
        }
    ]
}

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

NM
Valued Contributor
Valued Contributor

Hi @JPMac , Remove single quotes from ? and : and then give it a shot.

JPMac
Regular Contributor
Regular Contributor

@rushikeshvartak 

Thanks for your response.

Lastly, let me confirm one thing.
Is the execution of the GET method supported within the Create Account JSON of the REST Connector?

HttpMethod does not matter


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

JPMac
Regular Contributor
Regular Contributor

@rushikeshvartak 

Could you please check the following forum?

https://forums.saviynt.com/t5/identity-governance/updateaccountjson-call-delete-method-for-rest-api/...


He initially mentioned that the delete method cannot be used in updateaccountjson.
Similarly, I am wondering if the get method cannot be used in createaccountjson.

 

For example, when I included the following JSON in createaccountjson and executed the job, the following error was output.

{
    "call": [
        {
        "name": "call1",
        "connection": "userAuth",
        "httpMethod": "GET",
        "httpParams": {},
        "httpHeaders": {
        "Authorization": "${access_token}",
        "Content-Type": "application/json"
        },
        "httpContentType": "application/json",
        "successResponses": {
        "statusCode": [
        200,
        201,
        204,
        205
        ]
        }
        }]
}
 
error : 
{"call1":{"message":"No signature of method: com.saviynt.provisoning.rest.RestUtilService.getDynamicBindString() is applicable for argument types: (java.util.LinkedHashMap, java.util.HashMap) values: [[:], [ServiceAccountOwnerMap:[:], endpointsObj:AzureAD_Couple1, ...]]\nPossible solutions: getDynamicBindString(java.lang.String, java.util.Map)","status":"Failed"}}

It seems to me that the error is due to a method mismatch.Can you confirm whether the type of HTTP method really doesn't matter in this context?

NM
Valued Contributor
Valued Contributor

@JPMac , we are using get method in create json .. try by removing httpparams field completely.

JPMac
Regular Contributor
Regular Contributor

@NM 

I try by using this json(remove httpparams), but it's not working.

{
"call": {
"name": "call1",
"connection": "userAuth",
"url": "https://graph.microsoft.com/v1.0/users?$filter=mail%2Beq%2B'${user.email}'",
"httpMethod": "GET",
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [200, 201, 204, 205]
}
}
}

NM
Valued Contributor
Valued Contributor

JPMac
Regular Contributor
Regular Contributor

@NM 

The same error...

"call1":{"message":"No signature of method: com.saviynt.provisoning.rest.RestUtilService.getDynamicBindString() is applicable for argument types: (java.util.LinkedHashMap, java.util.HashMap) values: [[:], [ServiceAccountOwnerMap:[:], endpointsObj:AzureAD_Couple1, ...]]\nPossible solutions: getDynamicBindString(java.lang.String, java.util.Map)","status":"Failed"}}

 

using Json

{
"call": [
{
"name": "call1",
"connection": "userAuth",
"url": "https://graph.microsoft.com/v1.0/users?$filter=mail%20Beq%20B'${user.email}'",
"httpMethod": "GET",
"httpParams": {},
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201,
204,
205
]
}
}]
}

NM
Valued Contributor
Valued Contributor

Hey @JPMac, first question what is "B"? As per my knowledge we don't have to add that

Second don't send httpsparams

JPMac
Regular Contributor
Regular Contributor

@NM 

 

I use this, but it's not working too...

{
"call": [
{
"name": "call1",
"connection": "userAuth",
"url": "https://graph.microsoft.com/v1.0/users?$filter=mail%20eq%20'${user.email}'",
"httpMethod": "GET",
"httpParams": {},
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201,
204,
205
]
}
}]
}

 

Share logs


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

It's working now by removing httpparams.

 

{
    "accountIdPath": "call1.message.id",
    "dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
    "responseColsToPropsMap": {
        "comments": "call1.message.displayName~#~char",
        "displayName": "call1.message.displayName~#~char",
        "name": "call1.message.userPrincipalName~#~char"
    },
    "call": [
        {
            "name": "call1",
            "connection": "userAuth",
            "url": "https://graph.microsoft.com/v1.0/users?$filter=mail%20eq%20'<domain>'",
            "httpMethod": "GET",
            "httpHeaders": {
                "Authorization": "${access_token}",
                "Content-Type": "application/json"
            },
            "httpContentType": "application/json",
            "successResponses": {
                "statusCode": [
                    200,
                    201,
                    204,
                    205
                ]
            }
        }
    ]
}