
Question on multiple entitlementtype to be requested in add access json for REST

DG1811
New Contributor III

Hi Team,

We have a new integration in progress, where we need to integrate the application using the REST API.

There are two entitlement types that need to be passed for each user.

permissiongroupid

reportgroupid

The application team has provided an update API as below with the payload as below.

API : http://XXXXXXXXXXXXXXXXXX/api/v1/saviyntIntegration/UpdateUser

PAYLOAD :

{
    "email": "XXXX@DOMAIN.com",
    "clientId": "12345",
    "userName": "USER",
    "firstName": "FIRSTNAME",
    "lastName": "LASTNAME",
    "permissionGroupId": "11",
    "reportGroupId": "7",
    "id": "USERID",
    "inactive": false,
    "id": "UNIQUEID GENERATED IN TARGET UPON CREATION"
}

Now we need to create the add access JSON for this case, where all the attributes are mandatory as per the payload.

Please suggest an add access JSON format using the above values.

Please find the create account json below.

{
    "accountIdPath": "call1.message.user.eid",
    "responseColsToPropsMap": {
        "accountID": "call1.message.user.eid~#~char",
        "customproperty8": "call1.message.user.clientId~#~char",
        "customproperty3": "call1.message.user.permissionGroupId~#~char"
    },
    "dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
    "call": [
        {
            "name": "call1",
            "connection": "acctAuth",
            "showResponse": true,
            "url": "https://xxxxxxxxxxxxxxxxxxxx/api/v1/saviyntIntegration/AddUser",
            "httpMethod": "POST",
            "httpParams": "{\"email\":\"${user.email}\",\"clientId\": \"${requestAccessAttributes?.get('AllClients')}\",\"userName\":\"${user.username+'_Mck'}\",\"firstName\": \"${user.firstname}\",\"lastName\": \"${user.lastname}\",\"permissionGroupId\":\"11\",\"reportGroupId\":\"4\",\"eid\": \"${user.username}\",\"inactive\": \"false\"}",
            "httpHeaders": {
                "client_id": "xxxxxxxxxxxxxxxxxxxxxx",
                "client_secret": "xxxxxxxxxxxxxxxxxxxxxx",
                "Accept": "application/json"
            },
            "httpContentType": "application/json",
            "successResponses": {
                "statusCode": [
                    201,
                    200
                ]
            },
            "unsuccessResponses": {
                "statusCode": [
                    401,
                    400,
                    403,
                    404
                ]
            }
        }
    ]
}

Please note we are sending the value of "permissionGroupId\":\"11\",\"reportGroupId\":\"4\" hardcoded, as createaccountjson does not support passing the entitlement value, which we want to achieve by updating in the add access JSON.

 

Please suggest an ADDaccess JSON format for a multiple entitlementtype request in the payload format we have shown.

Thanks

 

16 REPLIES

rushikeshvartak
All-Star
  • If it's single select, create a dynamic attribute and pass the information in JSON

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Hi @rushikeshvartak ,

We are already passing the details of clients in a dynamic attribute. Is it possible to pass permissions and reports both in dynamic attributes too?
If yes, can you share the add access JSON for this?
Also, will this fall under the UAR, as we have entitlement level UAR?

Thanks

  • You can pass it using a dynamic attribute, which will be dynamic based on what the user selects
  • UAR? If it's user access review/certification, then if you are pulling it as an entitlement type, you can do UAR

Note: Try to use full forms


Regards,
Rushikesh Vartak

Hi @rushikeshvartak ,
Thanks for the update. Can you please suggest what we can put in the add access JSON in that case, and also suggest if the createaccount JSON below will work or not?

 

{
    "accountIdPath": "call1.message.user.eid",
    "responseColsToPropsMap": {
        "accountID": "call1.message.user.eid~#~char",
        "customproperty8": "call1.message.user.clientId~#~char",
        "customproperty3": "call1.message.user.permissionGroupId~#~char"
    },
    "dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
    "call": [
        {
            "name": "call1",
            "connection": "acctAuth",
            "showResponse": true,
            "url": "https://xxxxxxxxxxxxxxxxxxxx/api/v1/saviyntIntegration/AddUser",
            "httpMethod": "POST",
            "httpParams": "{\"email\":\"${user.email}\",\"clientId\": \"${requestAccessAttributes?.get('AllClients')}\",\"userName\":\"${user.username+'_Mck'}\",\"firstName\": \"${user.firstname}\",\"lastName\": \"${user.lastname}\",\"permissionGroupId\":\"${requestAccessAttributes?.get('permissionGroupId')\",\"reportGroupId\":\"${requestAccessAttributes?.get('reportGroupId')\",\"eid\": \"${user.username}\",\"inactive\": \"false\"}",
            "httpHeaders": {
                "client_id": "xxxxxxxxxxxxxxxxxxxxxx",
                "client_secret": "xxxxxxxxxxxxxxxxxxxxxx",
                "Accept": "application/json"
            },
            "httpContentType": "application/json",
            "successResponses": {
                "statusCode": [
                    201,
                    200
                ]
            },
            "unsuccessResponses": {
                "statusCode": [
                    401,
                    400,
                    403,
                    404
                ]
            }
        }
    ]
}

 

Thanks
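
An added example (not part of the original thread and not Saviynt tooling): a small Python check to run on the unescaped httpParams value of a REST connector call before saving it. It flags `${...}` bindings that never reach their closing brace, as in the permissionGroupId and reportGroupId bindings of the createaccountjson posted above, and duplicate JSON keys, as with "id" in the UpdateUser payload from the first post. The sample strings are constructed from those posts, and the rule that a double quote never appears inside a binding is an assumption that holds for the templates on this page.

```python
import json
import re

# Constructed sample: httpParams from the three-attribute createaccountjson above,
# unescaped and shortened to the fields that matter.
BROKEN = ('{"email":"${user.email}",'
          '"permissionGroupId":"${requestAccessAttributes?.get(\'permissionGroupId\')",'
          '"reportGroupId":"${requestAccessAttributes?.get(\'reportGroupId\')",'
          '"eid":"${user.username}"}')
# Same template with the closing brace restored on both bindings.
FIXED = BROKEN.replace("')\"", "')}\"")
# Constructed sample: the two "id" keys from the UpdateUser payload in the first post.
DUPLICATE_ID = '{"id":"USERID","inactive":false,"id":"UNIQUEID"}'


def unclosed_bindings(template):
    """Return each ${ binding that meets a double quote or end of input before }.

    Assumption: bindings use single-quoted strings only, as on this page."""
    bad = []
    for match in re.finditer(r"\$\{", template):
        rest = template[match.end():]
        stop = re.search(r'[}"]', rest)
        if stop is None or stop.group() == '"':
            bad.append("${" + rest[:stop.start() if stop else len(rest)])
    return bad


def reject_duplicate_keys(pairs):
    """object_pairs_hook that refuses objects with a repeated key."""
    keys = [key for key, _ in pairs]
    repeated = sorted({key for key in keys if keys.count(key) > 1})
    if repeated:
        raise ValueError(f"duplicate keys {repeated}")
    return dict(pairs)


def lint_http_params(template):
    """Return a list of problems found in one unescaped httpParams template."""
    problems = [f"unclosed binding: {b}" for b in unclosed_bindings(template)]
    # Swap well-formed bindings for a dummy value, then parse what is left.
    rendered = re.sub(r'\$\{[^}"]*\}', "X", template)
    try:
        json.loads(rendered, object_pairs_hook=reject_duplicate_keys)
    except ValueError as exc:  # JSONDecodeError is a ValueError subclass
        problems.append(f"payload rejected: {exc}")
    return problems
```

The broken template still parses as JSON once the well-formed bindings are substituted, so a plain JSON validator will not catch the missing braces; only the binding check does.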

  • It should work if dynamic attribute is correct

Regards,
Rushikesh Vartak

Hi @rushikeshvartak,

CASE1:

We tried with three dynamic attributes, but it did not work. The task is not getting completed and the account is also not created. There is no evidence in the request either.

I am attaching the log (Logswith3Dynamicattribute.txt) for further check. Task numbers: (91606, 91605, 91604).

CASE2:

But when we are using 2 dynamic attributes, the account is getting created, and roles are provisioned, but the reportsgroup is marked as entitlement and it is not updating. Task number: 91608

Logs attached: Logs_With2dynamicattribute.csv

Please check and let me know. For the second case, I have used the below ADDACCESS JSON.

{
    "call": [
        {
            "name": "ReportsGroups",
            "connection": "acctAuth",
            "url": "http://xxxxxxxxxxxxxxxxxxxxx/api/v1/saviyntIntegration/UpdateUser",
            "httpMethod": "POST",
            "httpParams": "{\"email\":\"${user.email}\",\"clientId\": \"${account.customproperty8}\",\"userName\":\"${user.username+'_domain'}\",\"firstName\":\"${user.firstname}\",\"lastName\":\"${user.lastname}\",\"permissionGroupId\":\"${account.customproperty3}\",\"reportGroupId\":\"${entitlementValue.entitlementID}\",\"eid\": \"${user.username}\",\"inactive\": \"false\", \"id\": \"${account.accountID}\"}",
            "httpHeaders": {
                "client_id": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
                "client_secret": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
                "Accept": "*/*"
            },
            "httpContentType": "application/json",
            "successResponses": {
                "statusCode": [
                    201,
                    200
                ]
            },
            "unsuccessResponses": {
                "statusCode": [
                    401,
                    400,
                    403,
                    404
                ]
            }
        }
    ]
}

Createaccountjson:

{
    "accountIdPath": "call1.message.user.eid",
    "responseColsToPropsMap": {
        "accountID": "call1.message.user.eid~#~char",
        "customproperty8": "call1.message.user.clientId~#~char",
        "customproperty3": "call1.message.user.permissionGroupId~#~char"
    },
    "dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
    "call": [
        {
            "name": "call1",
            "connection": "acctAuth",
            "showResponse": true,
            "url": "https://xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/api/v1/saviyntIntegration/AddUser",
            "httpMethod": "POST",
            "httpParams": "{\"email\":\"${user.email}\",\"clientId\": \"${requestAccessAttributes?.get('AllClients')}\",\"userName\":\"${user.username+'_domain'}\",\"firstName\": \"${user.firstname}\",\"lastName\": \"${user.lastname}\",\"permissionGroupId\":\"${requestAccessAttributes?.get('PermissionGroups')}\",\"reportGroupId\":\"4\",\"eid\": \"${user.username}\",\"inactive\": \"false\"}",
            "httpHeaders": {
                "client_id": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
                "client_secret": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
                "Accept": "application/json"
            },
            "httpContentType": "application/json",
            "successResponses": {
                "statusCode": [
                    201,
                    200
                ]
            },
            "unsuccessResponses": {
                "statusCode": [
                    401,
                    400,
                    403,
                    404
                ]
            }
        }
    ]
}

 

Please suggest your options.

Thanks

Share connection JSON.

Error : "2024-08-29T08:22:13.161+00:00","ecm-worker","connectorms.ConnectorMsHelperService","quartzScheduler_Worker-4-dvxd7","ERROR","401 Unauthorized"


Regards,
Rushikesh Vartak

Hi @rushikeshvartak ,

Please find the attached snippet of the connection JSON.


{
    "authentications": {
        "acctAuth": {
            "authType": "oauth2",
            "httpHeaders": {
                "Accept": "application/json",
                "client_secret": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
                "client_id": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
            },
            "authError": [
                "USER_AUTHENTICATION_FAILED",
                "PARTNER_AUTHENTICATION_FAILED",
                "AuthenticationFailed"
            ],
            "url": "https://xxxxxxxxxxxxxxxxxxxxxxxx/api/v1/saviyntIntegration/GetAllClients",
            "httpMethod": "GET",
            "httpContentType": "application/json",
            "errorPath": "errorCode",
            "maxRefreshTryCount": 5,
            "tokenResponsePath": "",
            "tokenType": "bearerabc",
            "authHeaderName": "Authentication",
            "accessToken": "bearerabc",
            "retryFailureStatusCode": [
                401,
                403
            ]
        }
    }
}

Thanks

This is not a correct connection JSON configuration.

Please share a Postman screenshot and the curl command [Refer https://codingnconcepts.com/postman/how-to-generate-curl-command-from-postman/ ]



⚠️‼️‼️Do not upload any attachments that contain sensitive information, such as IP Addresses, URLs, Company/Employee Names, Email Addresses, etc.‼️‼️⚠️


Regards,
Rushikesh Vartak

Hi @rushikeshvartak ,

We have already used this connection to create the account, and it seems this works with the 2 dynamic attributes.
Please let me know what you think the problem is.

Thanks

Does the hardcoded entitlement work? I can see 401 in the logs, hence I asked for the connection JSON.


Regards,
Rushikesh Vartak

Hi @rushikeshvartak ,
Yes, the hardcoded value works.

Thanks

stalluri
Valued Contributor II

@DG1811 

{
    "authentications": {
        "acctAuth": {
            "authType": "oauth2",
            "httpHeaders": {
                "Accept": "application/json"
            },
            "httpParams": {
                "grant_type": "client_credentials", //If needed
                "client_secret": "xxxxxxxxxxxxxxxxxxxxxxxx",
                "client_id": "xxxxxxxxxxxxxxxxxxxxxxx"
            },
            "authError": [
                "USER_AUTHENTICATION_FAILED",
                "PARTNER_AUTHENTICATION_FAILED",
                "AuthenticationFailed"
            ],
            "url": "https://xxxxxxxxxxxxxxxxxxxxxxxx/api/v1/saviyntIntegration/GetAllClients",
            "httpMethod": "GET",
            "httpContentType": "application/json",
            "errorPath": "errorCode",
            "maxRefreshTryCount": 5,
            "tokenResponsePath": "",
            "tokenType": "Bearer",
            "authHeaderName": "Authorization",
            "accessToken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
            "retryFailureStatusCode": [
                401,
                403
            ]
        }
    }
}

or 
{
    "authentications": {
        "acctAuth": {
            "authType": "oauth2",
            "httpHeaders": {
                "Accept": "application/json"
            },
            "httpParams": {},
            "properties": {
                "grant_type": "client_credentials", //If needed
                "client_secret": "xxxxxxxxxxxxxxxxxxxxxxxx",
                "client_id": "xxxxxxxxxxxxxxxxxxxxxxx"
            },
            "authError": [
                "USER_AUTHENTICATION_FAILED",
                "PARTNER_AUTHENTICATION_FAILED",
                "AuthenticationFailed"
            ],
            "url": "https://xxxxxxxxxxxxxxxxxxxxxxxx/api/v1/saviyntIntegration/GetAllClients",
            "httpMethod": "GET",
            "httpContentType": "application/json",
            "errorPath": "errorCode",
            "maxRefreshTryCount": 5,
            "tokenResponsePath": "",
            "tokenType": "Bearer",
            "authHeaderName": "Authorization",
            "accessToken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
            "retryFailureStatusCode": [
                401,
                403
            ]
        }
    }
}


Can you try the above JSON? Also share the CURL from Postman.


Best Regards,
Sam Talluri
If you find this a helpful response, kindly consider selecting Accept As Solution and clicking on the kudos button.

DG1811
New Contributor III

Hi @stalluri @rushikeshvartak ,

We tried both solutions, but they did not work. Postman snapshot below.

DG1811_0-1725370707772.png

And below is the CURL request

DG1811_1-1725370842849.png

Thanks

First of all, you need to fix the API issue in Postman with the help of the app team.


Regards,
Rushikesh Vartak

Hi @rushikeshvartak ,
We need to pass the values with three dynamic attributes only, and while passing the same, we are facing the issue that the createaccountjson is not even getting called; rather, the logs do not show anything, as we shared in our previous chat.

Could you guide us on what we need to ask the App team to confirm, so that we can reach out to get that sorted in time?

Thanks