Saviynt Forums

kmashwini · ‎05/17/2024

Hi Saviynt Team,

We wanted to send Logout API after each JSON , but below JSON is not working . Logout API itself not getting called in logs.

{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"statusAndThresholdConfig": {
"statusColumn": "customproperty11",
"activeStatus": [
"true"
],
"deleteLinks": true,
"accountThresholdValue": 10,
"correlateInactiveAccounts": false,
"inactiveAccountsNotInFile": true,
"deleteAccEntForActiveAccounts": true
},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://xxx/GetUsers",
"httpParams": {
"pageIndex": "0",
"pageSize": "610"
},
"httpHeaders": {
"Cookie": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "POST"
},
"listField": "",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "Id~#~char",
"name": "Username~#~char",
"displayName": "FullName~#~char",
"status": "Active~#~char",
"customproperty11": "Active~#~char",
"customproperty12": "Deleted~#~char"
},
"statusConfig": {
"active": "true",
"inactive": "false"
}
}
},
"entitlementParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"entTypes": {
"Groups": {
"entTypeOrder": 0,
"entTypeLabels": {},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://xxx/GetGroups",
"httpParams": {
"pageIndex": "0",
"pageSize": "1000"
},
"httpHeaders": {
"Cookie": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "POST"
},
"listField": "",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlementID": "Id~#~char",
"entitlement_value": "Name~#~char"
}
}
}
}
}
},
"acctEntParams": {
"connection": "acctAuth",
"entTypes": {
"Groups": {
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"showJobHistory": true,
"processingType": "httpEntToAcct",
"http": {
"url": "https://xxx",
"httpHeaders": {
"Cookie": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "Users",
"entKeyField": "entitlementID",
"acctIdPath": "Id",
"acctKeyField": "accountID"
}
}
}
}
},
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://xx/Logout",
"httpMethod": "GET",
"httpHeaders": {
"Cookie": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json"
},
"successResponses": {
"statusCode": [
201,
200
]
},
"unsuccessResponses": {
"statusCode": [
400,
500,
404
]
}
}
}
}

Saathvik · ‎05/17/2024

@kmashwini : May I know the use case why you want to logout everytime as you know accesstoken is valid for only short period of time?

Anyway I never tried this not sure if that works. But try to place the logout call as call2 in each block like accountParams, entitlementParams, acctEntParams instead of placing outside as it won't be called/trigger in any of the action

Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

kmashwini · ‎05/17/2024

Hi @Saathvik Since login api once established it is not getting refreshed automatically and also we are getting valid session error. Hence suggested to use logout API in each cred operations.

NM · ‎05/17/2024

Hi @kmashwini , if you are getting valid session error trying to make connection again with target system

Can you send your connection json?

kmashwini · ‎05/19/2024

Hi @NM Below is the connection JSON

Connection JSON

{

"authentications": {

"acctAuth": {

"authType": "oauth2",

"httpHeaders": {

"Content-Type": "application/json"

},

"authError": [

"Unauthorized",

"Invalid session",

"A valid session is required for API access."

],

"url": "https://xxx/Login",

"httpMethod": "POST",

"httpContentType": "application/json",

"errorPath": "Message",

"maxRefreshTryCount": 5,

"tokenResponsePath": "#HEADERS#Set-Cookie",

"tokenType": "",

"authHeaderName": "Cookie",

"accessToken": "abc",

"httpParams": {

"username": "xxx",

"password": "xxxxx"

},

"retryFailureStatusCode": [

401,

400

]

}

rushikeshvartak · ‎05/19/2024

You can’t call logout api in import json without colsToProp configuration please raise enhancement

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

kmashwini · ‎05/20/2024

Hi @rushikeshvartak is it possible to add in create account JSON

rushikeshvartak · ‎05/20/2024

Yes you can add in CRUD JSONs

Sample

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

kmashwini · ‎05/19/2024

Hi Can you please check and respond.

[This post has been edited by a Moderator. We discourage the @ mention of other forum users or employees unless they have already involved themselves on the forum post.]

pruthvi_t · ‎05/20/2024

@kmashwini , Did you try to call Logout call in the create account JSON??

Regards,
Pruthvi

kmashwini · ‎05/21/2024

Yes checking on it

pruthvi_t · ‎05/21/2024

@kmashwini ,

Could you please share what happens when the session invalid session error is thrown. Could you please share the API response or any error code that was thrown.

Thanks,

Regards,
Pruthvi

kmashwini · ‎05/21/2024

@pruthvi_t It gives error as valid session required

SB · ‎05/22/2024

Can you please share the JSON you used and the logs with the error.

Regards,
Sahil

kmashwini · ‎05/22/2024

Hi @SB

We wanted to add logout api in get users . below is json and logs.

{

"accountParams": {

"connection": "acctAuth",

"processingType": "SequentialAndIterative",

"statusAndThresholdConfig": {

"statusColumn": "customproperty11",

"activeStatus": [

"true"

],

"deleteLinks": true,

"correlateInactiveAccounts": false,

"inactiveAccountsNotInFile": false,

"deleteAccEntForActiveAccounts": false

},

"call": {

"call1": {

"callOrder": 0,

"stageNumber": 0,

"http": {

"url":https://domain.../SecurityService/GetUsers,

"httpParams": {

"pageIndex": "0",

"pageSize": "510"

},

"httpHeaders": {

"Cookie": "${access_token}",

"Content-Type": "application/json"

},

"httpContentType": "application/json",

"httpMethod": "POST"

},

"listField": "",

"keyField": "accountID",

"colsToPropsMap": {

"accountID": "Id~#~char",

"name": "Username~#~char",

"displayName": "FullName~#~char",

"status": "Active~#~char",

"customproperty11": "Active~#~char",

"customproperty12": "Deleted~#~char"

},

"statusConfig": {

"active": "true",

"inactive": "false"

}

},

"call2": {

"connection": "acctAuth",

"url": xxxLogout,

"httpMethod": "GET",

"httpHeaders": {

"Cookie": "${access_token}",

"Content-Type": "application/json"

},

"httpContentType": "application/json",

"successResponses": {

"statusCode": [

200,

201

]

}

},

"entitlementParams": {

"connection": "acctAuth",

"processingType": "SequentialAndIterative",

"entTypes": {

"Groups": {

"entTypeOrder": 0,

"entTypeLabels": {},

"call": {

"call1": {

"callOrder": 0,

"stageNumber": 0,

"http": {

"url": https://domain.../SecurityService/GetGroups,

"httpParams": {

"pageIndex": "0",

"pageSize": "1000"

},

"httpHeaders": {

"Cookie": "${access_token}",

"Content-Type": "application/json"

},

"httpContentType": "application/json",

"httpMethod": "POST"

},

"listField": "",

"keyField": "entitlementID",

"colsToPropsMap": {

"entitlementID": "Id~#~char",

"entitlement_value": "Name~#~char"

}

},

"acctEntParams": {

"connection": "acctAuth",

"entTypes": {

"Groups": {

"call": {

"call1": {

"callOrder": 0,

"stageNumber": 0,

"showJobHistory": true,

"processingType": "httpEntToAcct",

"http": {

"url": xxx/GetGroup?id=${id},

"httpHeaders": {

"Cookie": "${access_token}",

"Content-Type": "application/json"

},

"httpContentType": "application/json",

"httpMethod": "GET"

},

"listField": "Users",

"entKeyField": "entitlementID",

"acctIdPath": "Id",

"acctKeyField": "accountID"

}

[This post has been edited by a Moderator to remove sensitive information.]

SB · ‎05/22/2024

Can you share the Create account JSON and logs instead. The import JSON as mentioned above by @rushikeshvartak may not work with current design.

Regards,
Sahil

kmashwini · ‎05/23/2024

@SB Previously I was trying differently in import Json, now I have added in the get user block. Even that will not support? Also, for other cred operations like create/update/delete I can see logout api in logs. I will share you logs . You can confirm me whether it is successfully executed. Also for import do we have any suggestion?

rushikeshvartak · ‎05/23/2024

For import it will not work. this is similar to crowdstrike application where api 1 provided list of account id only

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

SB · ‎05/23/2024

Please do share the logs once you have them.

Also, can you confirm if you see the same error for login api when you run it from postman twice. Ideally you would run the login api once from postman and once you get a valid response, run the same login api again without running any other api call.

Regards,
Sahil

Saviynt Forums

Need to pass logout api after each JSON in connector