Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Need to pass logout api after each JSON in connector

kmashwini
Regular Contributor
Regular Contributor

Hi Saviynt Team,

We wanted to send Logout API after each JSON , but below JSON is not working . Logout API itself not getting called in logs.

{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"statusAndThresholdConfig": {
"statusColumn": "customproperty11",
"activeStatus": [
"true"
],
"deleteLinks": true,
"accountThresholdValue": 10,
"correlateInactiveAccounts": false,
"inactiveAccountsNotInFile": true,
"deleteAccEntForActiveAccounts": true
},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://xxx/GetUsers",
"httpParams": {
"pageIndex": "0",
"pageSize": "610"
},
"httpHeaders": {
"Cookie": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "POST"
},
"listField": "",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "Id~#~char",
"name": "Username~#~char",
"displayName": "FullName~#~char",
"status": "Active~#~char",
"customproperty11": "Active~#~char",
"customproperty12": "Deleted~#~char"
},
"statusConfig": {
"active": "true",
"inactive": "false"
}
}
},
"entitlementParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"entTypes": {
"Groups": {
"entTypeOrder": 0,
"entTypeLabels": {},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://xxx/GetGroups",
"httpParams": {
"pageIndex": "0",
"pageSize": "1000"
},
"httpHeaders": {
"Cookie": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "POST"
},
"listField": "",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlementID": "Id~#~char",
"entitlement_value": "Name~#~char"
}
}
}
}
}
},
"acctEntParams": {
"connection": "acctAuth",
"entTypes": {
"Groups": {
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"showJobHistory": true,
"processingType": "httpEntToAcct",
"http": {
"url": "https://xxx",
"httpHeaders": {
"Cookie": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "Users",
"entKeyField": "entitlementID",
"acctIdPath": "Id",
"acctKeyField": "accountID"
}
}
}
}
},
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://xx/Logout",
"httpMethod": "GET",
"httpHeaders": {
"Cookie": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json"
},
"successResponses": {
"statusCode": [
201,
200
]
},
"unsuccessResponses": {
"statusCode": [
400,
500,
404
]
}
}
}
}

18 REPLIES 18

Saathvik
All-Star
All-Star

@kmashwini : May I know the use case why you want to logout everytime as you know accesstoken is valid for only short period of time?

Anyway I never tried this not sure if that works. But try to place the logout call as call2 in each block like accountParams, entitlementParams, acctEntParams instead of placing outside as it won't be called/trigger in any of the action


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

kmashwini
Regular Contributor
Regular Contributor

Hi @Saathvik  Since login api once established it is not getting refreshed automatically and also we are getting valid session error. Hence suggested to use logout API in each cred operations.

NM
Valued Contributor
Valued Contributor

Hi @kmashwini , if you are getting valid session error trying to make connection again with target system

Can you send your connection json?

kmashwini
Regular Contributor
Regular Contributor

Hi @NM  Below is the connection JSON

Connection JSON
 
{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"httpHeaders": {
"Content-Type": "application/json"
},
"authError": [
"Unauthorized",
"Invalid session",
"A valid session is required for API access."
],
"httpMethod": "POST",
"httpContentType": "application/json",
"errorPath": "Message",
"maxRefreshTryCount": 5,
"tokenResponsePath": "#HEADERS#Set-Cookie",
"tokenType": "",
"authHeaderName": "Cookie",
"accessToken": "abc",
"httpParams": {
"username": "xxx",
"password": "xxxxx"
},
"retryFailureStatusCode": [
401,
400
]
}
}
}

 

You can’t call logout api in import json without colsToProp configuration please raise enhancement 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Hi @rushikeshvartak  is it possible to add in create account JSON

Yes you can add in CRUD JSONs

Sample 

rushikeshvartak_0-1716229657553.png

 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

kmashwini
Regular Contributor
Regular Contributor

Hi  Can you please check and respond.

[This post has been edited by a Moderator. We discourage the @ mention of other forum users or employees unless they have already involved themselves on the forum post.]

pruthvi_t
Saviynt Employee
Saviynt Employee

@kmashwini , Did you try to call Logout call in the create account JSON?? 


Regards,
Pruthvi

kmashwini
Regular Contributor
Regular Contributor

Yes checking on it

pruthvi_t
Saviynt Employee
Saviynt Employee

@kmashwini ,

Could you please share what happens when the session invalid session error is thrown. Could you please share the API response or any error code that was thrown.

Thanks,


Regards,
Pruthvi

kmashwini
Regular Contributor
Regular Contributor

@pruthvi_t  It gives error as valid session required

SB
Saviynt Employee
Saviynt Employee

Can you please share the JSON you used and the logs with the error. 


Regards,
Sahil

kmashwini
Regular Contributor
Regular Contributor

Hi @SB 

We wanted to add logout api in get users . below is json and logs.

{

  "accountParams": {

    "connection": "acctAuth",

    "processingType": "SequentialAndIterative",

    "statusAndThresholdConfig": {

      "statusColumn": "customproperty11",

      "activeStatus": [

        "true"

      ],

      "deleteLinks": true,

      "correlateInactiveAccounts": false,

      "inactiveAccountsNotInFile": false,

      "deleteAccEntForActiveAccounts": false

    },

    "call": {

      "call1": {

        "callOrder": 0,

        "stageNumber": 0,

        "http": {

          "url":https://domain.../SecurityService/GetUsers,

          "httpParams": {

            "pageIndex": "0",

            "pageSize": "510"

          },

          "httpHeaders": {

            "Cookie": "${access_token}",

            "Content-Type": "application/json"

          },

          "httpContentType": "application/json",

          "httpMethod": "POST"

        },

        "listField": "",

        "keyField": "accountID",

        "colsToPropsMap": {

          "accountID": "Id~#~char",

          "name": "Username~#~char",

          "displayName": "FullName~#~char",

          "status": "Active~#~char",

          "customproperty11": "Active~#~char",

          "customproperty12": "Deleted~#~char"

        },

        "statusConfig": {

          "active": "true",

          "inactive": "false"

        }

      },

      "call2": {

        "connection": "acctAuth",

        "url": xxxLogout,

        "httpMethod": "GET",

        "httpHeaders": {

          "Cookie": "${access_token}",

          "Content-Type": "application/json"

        },

        "httpContentType": "application/json",

        "successResponses": {

          "statusCode": [

            200,

            201

          ]

        }

      }

    }

  },

  "entitlementParams": {

    "connection": "acctAuth",

    "processingType": "SequentialAndIterative",

    "entTypes": {

      "Groups": {

        "entTypeOrder": 0,

        "entTypeLabels": {},

        "call": {

          "call1": {

            "callOrder": 0,

            "stageNumber": 0,

            "http": {

              "url": https://domain.../SecurityService/GetGroups,

              "httpParams": {

                "pageIndex": "0",

                "pageSize": "1000"

              },

              "httpHeaders": {

                "Cookie": "${access_token}",

                "Content-Type": "application/json"

              },

              "httpContentType": "application/json",

              "httpMethod": "POST"

            },

            "listField": "",

            "keyField": "entitlementID",

            "colsToPropsMap": {

              "entitlementID": "Id~#~char",

              "entitlement_value": "Name~#~char"

            }

          }

        }

      }

    }

  },

  "acctEntParams": {

    "connection": "acctAuth",

    "entTypes": {

      "Groups": {

        "call": {

          "call1": {

            "callOrder": 0,

            "stageNumber": 0,

            "showJobHistory": true,

            "processingType": "httpEntToAcct",

            "http": {

              "url": xxx/GetGroup?id=${id},

              "httpHeaders": {

                "Cookie": "${access_token}",

                "Content-Type": "application/json"

              },

              "httpContentType": "application/json",

              "httpMethod": "GET"

            },

            "listField": "Users",

            "entKeyField": "entitlementID",

            "acctIdPath": "Id",

            "acctKeyField": "accountID"

          }

        }

      }

    }

  }

}

[This post has been edited by a Moderator to remove sensitive information.]

SB
Saviynt Employee
Saviynt Employee

Can you share the Create account JSON and logs instead. The import JSON as mentioned above by @rushikeshvartak  may not work with current design.


Regards,
Sahil

kmashwini
Regular Contributor
Regular Contributor

@SB  Previously I was trying differently in import Json, now I have added in the get user block. Even that will not support? Also, for other cred operations like create/update/delete I can see logout api in logs. I will share you logs . You can confirm me whether it is successfully executed. Also for import do we have any suggestion?

For import it will not work. this is similar to crowdstrike application where api 1 provided list of account id only


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

SB
Saviynt Employee
Saviynt Employee

Please do share the logs once you have them. 

Also, can you confirm if you see the same error for login api when you run it from postman twice. Ideally you would run the login api once from postman and once you get a valid response, run the same login api again without running any other api call. 


Regards,
Sahil