Saviynt Forums

AbhinavPandey · ‎11/02/2023

We need to perform OAUTH1.0 based authentication for rest connector, there is no documentation on portal around the same. Has someone configured OAUTH1.0? We tried below Json but it is not working.

"authentications": {
    "userAuth": {
      "authType": "OAuth1",
      "url": "xxx",
      "httpMethod": "POST",
      "properties": {
        "consumer_key": "xxx",
      "consumer_secret": "xxx",
      "token": "xxx",
      "token_secret": "xxx",
      "signature_method": "HMAC-SHA256",
"signature_parameters":
{"timestamp_parameter":"oauth_timestamp",
"nonce_parameter":"oauth_nonce",
"version":"1.0",
"Realm":"xxx"}
      },
      "httpHeaders": {
        "contentType": "application/x-www-form-urlencoded"
      },
      "httpContentType": "text/html",
      "expiryError": "ExpiredAuthenticationToken",
      "authError": [
        "InvalidAuthenticationToken",
        "AuthenticationFailed"
      ],
      "timeOutError": "Read timed out",
      "errorPath": "error.code",
      "maxRefreshTryCount": 5,
      "tokenResponsePath": "access_token",
      "tokenType": "Bearer",
      "accessToken": "Bearer abcd"
    }
}

[This message has been edited by moderator to remove hyperlink]

Dhruv_S · ‎11/02/2023

Hi @AbhinavPandey

The REST Connector documentation mentions support for OAUTH2 only. OAUTH1 is not supported.

We will check with product team and confirm.

Regards,
Dhruv Sharma
If this reply answered your question, please accept it as Solution to help others who may have a similar problem.

Dhruv_S · ‎11/02/2023

@AbhinavPandey

As confirmed with product team, OAUTH1 is not supported. Please also check and let us know if it is achievable in postman with OATUH2. Based on that, we can advise you further if we can support it as part of OAUTH2 generic.

Regards,
Dhruv Sharma
If this reply answered your question, please accept it as Solution to help others who may have a similar problem.

yamuna · ‎11/02/2023

@Dhruv_S

OAuth2.0 works and we have attached the working connection json. But we have a challenge - Refresh token expires after 7 days. The application we are trying to integrate is Oracle Netsuite. Kindly advise on the solution.

{
    "authentications": {
        "userAuth": {
            "authType": "oauth2",
            "url": "https://xxx/services/rest/auth/oauth2/v1/token",
            "httpMethod": "POST",
            "httpParams": {
                "grant_type": "refresh_token",
                "refresh_token": "xxxx"
            },
            "httpHeaders": {
                "contentType": "application/x-www-form-urlencoded",
                "Authorization": "Basic xxx"
            },
            "expiryError": "INVALID_SESSION_ID",
            "authError": [
                "INVALID_SESSION_ID"
            ],
            "timeOutError": "Read timed out",
            "retryFailureStatusCode": [
                401,
                403
            ],
            "errorPath": "errorCode",
            "maxRefreshTryCount": 5,
            "tokenResponsePath": "access token",
            "tokenType": "Bearer",
            "accessToken": "Bearer abcd"
        }
    }
}

Dhruv_S · ‎11/06/2023

Hi @yamuna

Thanks for the response. Could you please elaborate further what is the issue with the refresh token expiry.

Regards,

Dhruv Sharma

AbhinavPandey · ‎11/06/2023

We are able to integrate successfully with NetSuite by using OAuth 2.0 , we are using refresh-token code to get new token like other applications. But the refresh-token in case of Netsuite expires after 7 days and thus requiring to re-do the Authorization Code Grant Flow again to get new refresh-token.
We are looking a way where token lives long enough (it doesn’t expire with OAuth1.0) to avoid manual intervention

Dhruv_S · ‎11/07/2023

Hi @AbhinavPandey

Please refer to the below examples from Developers Handbook (saviyntcloud.com)

Renew Access Token and Refresh Token using Single API: In this OAuth mechanism, the access and refresh tokens expire after a time period, and the latest refresh token is used to regenerate new access and refresh tokens. To regenerate these tokens, specify the values for the following attributes: refreshType, refreshTokenResponsePath, and refreshToken.
Example:

JSON

{
  "authentications": {
    "userAuth": {
      "authType": "oauth2",
      "url": "https://<domain name>/v1/access_token",
      "httpMethod": "POST",
      "httpParams": {
        "client_id": "<client ID>",
        "client_secret": "<client secret>",
        "grant_type": "refresh_token",
        "refresh_token": "${refresh_token}"
      },
      "httpHeaders": {
        "Content-Type": "application/x-www-form-urlencoded"
      },
      "httpContentType": "application/x-www-form-urlencoded",
      "expiryError": "ExpiredAuthenticationToken",
      "authError": [
        "USER_AUTHENTICATION_FAILED",
        "PARTNER_AUTHENTICATION_FAILED",
        "AuthenticationFailed"
      ],
      "refreshType": "RefreshToken",
      "refreshTokenResponsePath": "refresh_token",
      "refreshToken": "<refresh token>",
      "timeOutError": "Read timed out",
      "errorPath": "errorCode",
      "maxRefreshTryCount": 5,
      "tokenResponsePath": "access_token",
      "tokenType": "Bearer",
      "retryFailureStatusCode": [
        401
      ],
      "accessToken": "Bearer <token>"
    }
  }
}

Regards,

Dhruv Sharma

n1khil · ‎11/09/2023

Hey Dhruv,

We configured the json based on input, we were able to successfully provision and recon the data on 7th. We tested today but getting 400 error. If we are trying to generate access token using refresh token via postman, it is giving successful result.

Attaching logs for your reference

Dhruv_S · ‎11/13/2023

Hi @n1khil

Could you please share the postman response while you try to get access and refresh token.

The issue could be due to the refreshTokenResponsePath not being correct for getting refresh token.

Regards,

Dhruv Sharma

AbhinavPandey · ‎11/13/2023

Hi @Dhruv_S ,

PFA the postman response:

Dhruv_S · ‎11/15/2023

Hi @AbhinavPandey

Could you please add the below as well in the connection Json after the "refreshToken": "xxx",

"refreshTokenAuthError": [
"Unable to retrieve SAML assertion",
"The provided SAML assertion is expired"
],
"refreshTokenErrorPath": "errorMessage",

Share new logs when it fails.

Regards,

Dhruv Sharma

Sankar_ · ‎11/22/2023

We tried this json, it worked when it was configured on weekend but it failed today.

{
"authentications": {
"userAuth": {
"authType": "oauth2",
"url": "https://xxx/services/rest/auth/oauth2/v1/access_token",
"httpMethod": "POST",
"httpParams": {
"grant_type": "refresh_token",
"refresh_token": "${refresh_token}"
},
"httpHeaders": {
"contentType": "application/x-www-form-urlencoded",
"Authorization": "Basic xxx"
},
"httpContentType": "application/x-www-form-urlencoded",
"expiryError": "ExpiredAuthenticationToken",
"authError": [
"USER_AUTHENTICATION_FAILED",
"PARTNER_AUTHENTICATION_FAILED",
"AuthenticationFailed"
],
"timeOutError": "Read timed out",
"retryFailureStatusCode": [
401,
403
],
"refreshType": "RefreshToken",
"refreshTokenResponsePath": "refresh_token",
"refreshToken": "xxx",
"refreshTokenAuthError": [
"Unable to retrieve SAML assertion",
"The provided SAML assertion is expired"
],
"refreshTokenErrorPath": "errorMessage",
"errorPath": "errorCode",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"accessToken": "Bearer xxx"
}
}

Dhruv_S · ‎11/22/2023

Hi @AbhinavPandey , @Sankar_

As per logs, I can see 400 errors are coming and since 400 error we have not passed in the retryfailure status codes, it is not retrying to get a new token and considering it a valid code.

Please use the below connection JSON. We have added 400 error code in retryFailureStatusCode. It should work. If you still face an issue, please share the logs and screenshot from postman with all the details.

{
"authentications": {
"userAuth": {
"authType": "oauth2",
"url": "https://xxx/oauth2/v1/access_token",
"httpMethod": "POST",
"httpParams": {
"grant_type": "refresh_token",
"refresh_token": "${refresh_token}"
},
"httpHeaders": {
"contentType": "application/x-www-form-urlencoded",
"Authorization": "Basic xxx"
},
"httpContentType": "application/x-www-form-urlencoded",
"expiryError": "ExpiredAuthenticationToken",
"authError": [
"USER_AUTHENTICATION_FAILED",
"PARTNER_AUTHENTICATION_FAILED",
"AuthenticationFailed"
],
"timeOutError": "Read timed out",
"retryFailureStatusCode": [
401,
403,
400
],
"refreshType": "RefreshToken",
"refreshTokenResponsePath": "refresh_token",
"refreshToken": "xxx",
"errorPath": "errorCode",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"accessToken": "Bearer xxx"
}
}
}

Regards,

Dhruv Sharma

yamuna · ‎12/04/2023

Hello @Dhruv_S

We have tried and it is still not working. We tried last week, inserted the new token and then tried import job after 2 days. Code tried to fetch the token for 5 times and then it failed.

Dhruv_S · ‎12/05/2023

Hi @yamuna @AbhinavPandey

Do you have an existing Fresh service ticket opened for this issue? Please confirm and share the ticket number. If not- I will open a FS ticket on your behalf and request, you to share the full logs and JSON on the same.

Regards,

Dhruv Sharma

n1khil · ‎12/06/2023

Hey @Dhruv_S,

There is no existing ticket, you can create one and share with us we will update the ticket with all the required details.

Thanks

Dhruv_S · ‎12/06/2023

Hi @n1khil @AbhinavPandey

Thanks for your patience.

I have opened a FS ticket #INC-2011655 on your behalf. Can you please upload the logs when it is failing and also, please attach a postman screenshot fetching the token (access_token/ refresh_token).

Regards,

Dhruv Sharma

Saviynt Forums

OAuth 1 integration