Click HERE to see how Saviynt Intelligence is transforming the industry. |
08/28/2024 10:20 AM
Hi Team,
We have a new integration in progress, where we need to integrate the application using the rest api.
There are two entitlement type that need to be passed for each user.
permissiongroupid
reportgroupid
The application team has provided an update API as below with the payload as below.
API : http://XXXXXXXXXXXXXXXXXX/api/v1/saviyntIntegration/UpdateUser
PAYLOAD : {
"email": "XXXX@DOMAIN.com",
"clientId": "12345",
"userName": "USER",
"firstName": "FIRSTNAME",
"lastName": "LASTNAME",
"permissionGroupId": "11",
"reportGroupId": "7",
"id": "USERID",
"inactive": false,
"id": "UNIQUEID GENERATED IN TARGET UPON CREATION"
}
Now we need to create the add access json for this case. where all the attributes are mandate as per the payload.
Please suggest us with a ADD access json format using the above values.
Please find the create account json below.
{
"accountIdPath": "call1.message.user.eid",
"responseColsToPropsMap": {
"accountID": "call1.message.user.eid~#~char",
"customproperty8": "call1.message.user.clientId~#~char",
"customproperty3": "call1.message.user.permissionGroupId~#~char"
},
"dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
"call": [
{
"name": "call1",
"connection": "acctAuth",
"showResponse": true,
"url": "https://xxxxxxxxxxxxxxxxxxxx/api/v1/saviyntIntegration/AddUser",
"httpMethod": "POST",
"httpParams": "{\"email\":\"${user.email}\",\"clientId\": \"${requestAccessAttributes?.get('AllClients')}\",\"userName\":\"${user.username+'_Mck'}\",\"firstName\": \"${user.firstname}\",\"lastName\": \"${user.lastname}\",\"permissionGroupId\":\"11\",\"reportGroupId\":\"4\",\"eid\": \"${user.username}\",\"inactive\": \"false\"}",
"httpHeaders": {
"client_id": "xxxxxxxxxxxxxxxxxxxxxx",
"client_secret": "xxxxxxxxxxxxxxxxxxxxxx",
"Accept": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
201,
200
]
},
"unsuccessResponses": {
"statusCode": [
401,
400,
403,
404
]
}
}
]
}
Please note we are sending the value of "permissionGroupId\":\"11\",\"reportGroupId\":\"4\" hardcoded as createaccountjson doesnot support passing the entitlement value, which we want to acheive updating in the add access json.
Please suggest a ADDaccess json format for multiple entitlementtype request in the payload format we shown.
Thanks
08/28/2024 10:22 AM
08/28/2024 10:25 AM
Hi @rushikeshvartak ,
We are already passing the details of clients in dynamic attribute, is it possible to pass permissions and reports both in dynamic attribute too.
If yes, can you share the add access json for this.
Also will this fall under the UAR , as we have entitlement level UAR
Thanks
08/28/2024 10:34 AM
Note : Try to use full forms
08/28/2024 10:39 AM
Hi @rushikeshvartak ,
Thanks for the update. Can you please suggest what we can put in the add accessjson in that case please, and also suggest if the below createaccount json will work or not.
{
"accountIdPath": "call1.message.user.eid",
"responseColsToPropsMap": {
"accountID": "call1.message.user.eid~#~char",
"customproperty8": "call1.message.user.clientId~#~char",
"customproperty3": "call1.message.user.permissionGroupId~#~char"
},
"dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
"call": [
{
"name": "call1",
"connection": "acctAuth",
"showResponse": true,
"url": "https://xxxxxxxxxxxxxxxxxxxx/api/v1/saviyntIntegration/AddUser",
"httpMethod": "POST",
"httpParams": "{\"email\":\"${user.email}\",\"clientId\": \"${requestAccessAttributes?.get('AllClients')}\",\"userName\":\"${user.username+'_Mck'}\",\"firstName\": \"${user.firstname}\",\"lastName\": \"${user.lastname}\",\"permissionGroupId\":\"${requestAccessAttributes?.get('permissionGroupId')\",\"reportGroupId\":\"${requestAccessAttributes?.get('reportGroupId')\",\"eid\": \"${user.username}\",\"inactive\": \"false\"}",
"httpHeaders": {
"client_id": "xxxxxxxxxxxxxxxxxxxxxx",
"client_secret": "xxxxxxxxxxxxxxxxxxxxxx",
"Accept": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
201,
200
]
},
"unsuccessResponses": {
"statusCode": [
401,
400,
403,
404
]
}
}
]
}
Thanks
08/28/2024 12:13 PM
08/29/2024 02:30 AM
hI @rushikeshvartak ,
CASE1:
We tried with three dynamic attributes, but it did not work. the task is not getting completed and the account is also not created. There is no evidence in the request too.
I am attaching the log (Logswith3Dynamicattribute.txt) for further check. Task number is : (91606, 91605 , 91604).
CASE2:
But when we are using 2Dynamic attribute, the account is getting created, and roles are provisioned, but the reportsgroup is marked as entitlement and it is not updating.TASK NUMBER : 91608
Logs attached : Logs_With2dynamicattribute.csv
Please check and let me know. For second case, i have used the below ADDACCESS json .
{
"call": [
{
"name": "ReportsGroups",
"connection": "acctAuth",
"url": "http://xxxxxxxxxxxxxxxxxxxxx/api/v1/saviyntIntegration/UpdateUser",
"httpMethod": "POST",
"httpParams": "{\"email\":\"${user.email}\",\"clientId\": \"${account.customproperty8}\",\"userName\":\"${user.username+'_domain'}\",\"firstName\":\"${user.firstname}\",\"lastName\":\"${user.lastname}\",\"permissionGroupId\":\"${account.customproperty3}\",\"reportGroupId\":\"${entitlementValue.entitlementID}\",\"eid\": \"${user.username}\",\"inactive\": \"false\", \"id\": \"${account.accountID}\"}",
"httpHeaders": {
"client_id": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"client_secret": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"Accept": "*/*"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
201,
200
]
},
"unsuccessResponses": {
"statusCode": [
401,
400,
403,
404
]
}
}
]
}
Createaccountjson:
{
"accountIdPath": "call1.message.user.eid",
"responseColsToPropsMap": {
"accountID": "call1.message.user.eid~#~char",
"customproperty8": "call1.message.user.clientId~#~char",
"customproperty3": "call1.message.user.permissionGroupId~#~char"
},
"dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
"call": [
{
"name": "call1",
"connection": "acctAuth",
"showResponse": true,
"url": "https://xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/api/v1/saviyntIntegration/AddUser",
"httpMethod": "POST",
"httpParams": "{\"email\":\"${user.email}\",\"clientId\": \"${requestAccessAttributes?.get('AllClients')}\",\"userName\":\"${user.username+'_domain'}\",\"firstName\": \"${user.firstname}\",\"lastName\": \"${user.lastname}\",\"permissionGroupId\":\"${requestAccessAttributes?.get('PermissionGroups')}\",\"reportGroupId\":\"4\",\"eid\": \"${user.username}\",\"inactive\": \"false\"}",
"httpHeaders": {
"client_id": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"client_secret": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"Accept": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
201,
200
]
},
"unsuccessResponses": {
"statusCode": [
401,
400,
403,
404
]
}
}
]
}
Please suggest your options.
Thanks
08/29/2024 08:32 AM
Share connection JSON.
Error : "2024-08-29T08:22:13.161+00:00","ecm-worker","connectorms.ConnectorMsHelperService","quartzScheduler_Worker-4-dvxd7","ERROR","401 Unauthorized"
08/29/2024 08:37 AM
Hi @rushikeshvartak ,
Please find the attached snipet of connectionjson.
{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"httpHeaders": {
"Accept": "application/json",
"client_secret": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"client_id": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
},
"authError": [
"USER_AUTHENTICATION_FAILED",
"PARTNER_AUTHENTICATION_FAILED",
"AuthenticationFailed"
],
"url": "https://xxxxxxxxxxxxxxxxxxxxxxxx/api/v1/saviyntIntegration/GetAllClients",
"httpMethod": "GET",
"httpContentType": "application/json",
"errorPath": "errorCode",
"maxRefreshTryCount": 5,
"tokenResponsePath": "",
"tokenType": "bearerabc",
"authHeaderName": "Authentication",
"accessToken": "bearerabc",
"retryFailureStatusCode": [
401,
403
]
}
}
}
Thanks
08/29/2024 09:53 AM
This is not correct connection JSON configuration
Please share postman screenshot and curl command [Refer https://codingnconcepts.com/postman/how-to-generate-curl-command-from-postman/ ]
⚠️‼️‼️Do not upload any attachments that contain sensitive information, such as IP Addresses, URLs, Company/Employee Names, Email Addresses, etc.‼️‼️⚠️
08/29/2024 10:07 AM
Hi @rushikeshvartak ,
We have used this connection, to create the account already. And seems this works with the 2dynamic attributes.
Please let me know what you think as the problem.
Thanks
08/29/2024 10:34 AM
Does hardcoded entitlement works ? I can see in logs 401 hence asked for connection json
09/02/2024 12:47 AM
Hi @rushikeshvartak ,
Yes, the hardcoded value works.
Thanks
08/29/2024 10:54 AM
{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"httpHeaders": {
"Accept": "application/json"
},
"httpParams": {
"grant_type": "client_credentials", //If needed
"client_secret": "xxxxxxxxxxxxxxxxxxxxxxxx",
"client_id": "xxxxxxxxxxxxxxxxxxxxxxx"
},
"authError": [
"USER_AUTHENTICATION_FAILED",
"PARTNER_AUTHENTICATION_FAILED",
"AuthenticationFailed"
],
"url": "https://xxxxxxxxxxxxxxxxxxxxxxxx/api/v1/saviyntIntegration/GetAllClients",
"httpMethod": "GET",
"httpContentType": "application/json",
"errorPath": "errorCode",
"maxRefreshTryCount": 5,
"tokenResponsePath": "",
"tokenType": "Bearer",
"authHeaderName": "Authorization",
"accessToken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"retryFailureStatusCode": [
401,
403
]
}
}
}
or
{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"httpHeaders": {
"Accept": "application/json"
},
"httpParams": {},
"properties": {
"grant_type": "client_credentials", //If needed
"client_secret": "xxxxxxxxxxxxxxxxxxxxxxxx",
"client_id": "xxxxxxxxxxxxxxxxxxxxxxx"
},
"authError": [
"USER_AUTHENTICATION_FAILED",
"PARTNER_AUTHENTICATION_FAILED",
"AuthenticationFailed"
],
"url": "https://xxxxxxxxxxxxxxxxxxxxxxxx/api/v1/saviyntIntegration/GetAllClients",
"httpMethod": "GET",
"httpContentType": "application/json",
"errorPath": "errorCode",
"maxRefreshTryCount": 5,
"tokenResponsePath": "",
"tokenType": "Bearer",
"authHeaderName": "Authorization",
"accessToken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"retryFailureStatusCode": [
401,
403
]
}
}
}
Can you try the above JSON. Also share the CURL from Postman.
09/03/2024 06:41 AM
Hi @stalluri @rushikeshvartak ,
We tried both the solution, but it did not work. Postman snap below.
And below is the CURL request
Thanks
09/03/2024 06:47 AM
First of all you need to fix API issue in postman with help of app team
09/03/2024 06:50 AM
Hi @rushikeshvartak ,
we need to pass the values with three dynamic attributes only, and while passing the same, we are facing the issue as the createaccountjson is not even getting called, rather the logs does not show anything, as we shared in our previous chat.
If you can guide us what we need to ask the App team to confirm on, so that we can reach out to get that sorted in times.
Thanks