Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Not able to import users from ADP using a REST connector

ChaitanyaDesh14
New Contributor III
New Contributor III

Hello team,

We are trying to import users from ADP HRMS application using a REST connector. This connection requires a .pfx certificate which has been uploaded in the Admin > Settings > File Directory > Connector Files.

The Connection JSON looks like following:
{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"url": "https://domain.com/auth/oauth/v2/token ",
"httpMethod": "POST",
"httpParams": {},
"properties": {
"grant_type": "client_credentials",
"client_secret": "xxxxx",
"client_id": "xxxxx"
},
"httpHeaders": {
"contentType": "application/x-www-form-urlencoded",
"Authorization": "Basic ${encodedAuthHeader}"
},
"ssl": {
"keyFile": "/saviynt_shared/saviynt/ConnectorFiles/saviyntadp.pfx",
"keyFilePassword": "xxxxx",
"keyManagerAlgorithm": "SunX509",
"keyStoreType": "PKCS12",
"sslAlgorithmName": "TLS"
},
"encoding": {
"encodingAlgorithm": "${client_id}:${client_secret}"
},
"httpContentType": "application/x-wwwform-urlencoded",
"expiryError": "ExpiredAuthenticationToken",
"authError": [
"InvalidAuthenticationToken",
"AuthenticationFailed"
],
"timeOutError": "Read timed out",
"errorPath": "odata~dot#error.code",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"accessToken": ""
}
}
}

We are currently trying to import a single user from ADP within Saviynt using the following Import User JSON:
{
"connection": "acctAuth",
"url": "https://domain.com/hr/v2/workers/G3CW79SEl1abcde ",
"httpMethod": "GET",
"httpHeaders": {
"Authorization": "${access_token}"
},
"pagination": {
"offset": {
"offsetParam": "offset",
"batchParam": "limit",
"batchSize": 100,
"totalCountPath": "meta.totalNumber"
}
},
"colsToPropsMap": {
"firstname": "person.legalName.givenName~#~char",
"lastname": "person.legalName.familyName1~#~char",
"customproperty1": "workerID.idValue~#~char",
"departmentName": "homeOrganizationalUnits[1].nameCode.shortName~#~char",
"employeetype": "workAssignments[0].workerTypeCode.shortName~#~char",
"location": "workAssignments[0].homeWorkLocation.nameCode.shortName~#~char",
"locationdesc": "workAssignments[0].homeOrganizationalUnits[0].nameCode.shortName~#~char",
"owner": "workAssignments[0].reportsTo[0].reportsToWorkerName.formattedName~#~char",
"startdate": "workAssignments[0].hireDate~#~char",
"statuskey": "workerStatus.statusCode.codeValue~#~char",
"title": "workAssignments[0].jobCode.longName~#~char",
"customproperty4": "associateOID~#~char",
},
"userResponsePath": "workers"
}

After running the import job, we getting the following error:
2024-05-03T17:01:36+05:30-ecm-worker-rest.RestUtilService-quartzScheduler_Worker-8-6qp52-DEBUG-pullObjectsByRest - responseStatusCode ::401

Please let us know how to resolve this error at you earliest.

Thanks,

Chaitanya Deshpande.

[This message has been edited by moderator to mask url]

15 REPLIES 15

Raghu
Valued Contributor III
Valued Contributor III

@ChaitanyaDesh14  chekn token is valid or not?


Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.

ChaitanyaDesh14
New Contributor III
New Contributor III

Hi @Raghu 

We are generating the token in the connection JSON.

Also in the connection JSON, for accessToken field we are passing this value: 
"accessToken": "Bearer abcd".

The above-mentioned error still persists anyways.

NM
Regular Contributor III
Regular Contributor III

Hi @ChaitanyaDesh14 , add "retryresponsestatuscode" field in connection json

Retryresponsestatuscode :[401]

ChaitanyaDesh14
New Contributor III
New Contributor III

@NM Tried adding this "retryresponsestatuscode" : "[401]" below "accessToken": "Bearer abcd" in the connection JSON. The error still persists. No change.

NM
Regular Contributor III
Regular Contributor III

Try this..

"retryFailureStatusCode": [

401,403,500

]

Field is case sensitive

ChaitanyaDesh14
New Contributor III
New Contributor III

@NM 

The Import Job now fails, and the Job Log gives an error as shown below.

ChaitanyaDesh14_0-1714745788859.png


Parts of the URL is hidden for security purposes. But this URL work and gives correct response for one single given user.

Parts of the URL are hidden for security purposes. But this URL works and gives the correct response for one single given user in Postman.*

NM
Regular Contributor III
Regular Contributor III

Can you share postman response of token call.

Please share curl command [Refer https://codingnconcepts.com/postman/how-to-generate-curl-command-from-postman/ ]


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

ChaitanyaDesh14
New Contributor III
New Contributor III

@rushikeshvartak 

Here are the curl commands generated as per the steps given in the above link.

get Token request:


curl --location --request POST 'https://domain.com/auth/oauth/v2/token '

 

get USers request:


curl --location 'https://domain.com/hr/v2/workers/G3CW79xxxx ' \
--header 'Authorization: Bearer abcd' \
--header 'Cookie: BIGipServerp_dc1_mobile_apache_sor=830554123.20480.0000; BIGipServerp_mkplproxy-dc1=3194028299.20480.0000; WFNCDN=wfn' \
--data ''

 

Some parts are hidden for security purposes.



ChaitanyaDesh14
New Contributor III
New Contributor III

Corrected:

get Token request:
curl --location 'https://<hostname>/auth/oauth/v2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_secret=xxx' \
--data-urlencode 'client_id=xxx'

Can you share logs in txt file from job start till end 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

ChaitanyaDesh14
New Contributor III
New Contributor III

@rushikeshvartak 
Here are the logs generated right after running the user import job. You can skip to row 230 within the provided log excel file.

Can you add certificate from Add Certificate option from connection


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

ChaitanyaDesh14
New Contributor III
New Contributor III

As per the documentation, the .pfx certificate needs to be uploaded in File Directory > Connector Files location within Saviynt. Also, we have to mention the file name within the connection JSON in the newer version instead of giving full path of the file in the JSON.

ChaitanyaDesh14_0-1715150406008.png

Hence, we are not using the Add certificate option from connection.