Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

${randompassword} in REST Connector CreatAccountJSON does not work

alc
Regular Contributor
Regular Contributor

Hello

I have followed instructions of the solution mentioned in this forum link but it does not work:

https://forums.saviynt.com/t5/identity-governance/rest-connector-random-passwoed/m-p/9069#M1511

I have tried to assign a password policy on the security system, it does not work, then I set passwordPolicyJSON in the REST connector, it still does not work. Then I have same password policy in this JSON and security system, it still does not work.

I also tried both ${password} and ${randompassword}, neither is working out.

Can you suggest a worked solution please? we must have random password set for new account and notify account owner for this new password.

The logs shows the password generation is executed without errors. but not sure what variable it is stored to:

"2023-08-19T13:22:36.561+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-6","DEBUG","Entered generatePasswordFromJsonOrRule"

"2023-08-19T13:22:36.561+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-6","DEBUG","Generating password policy from password policy json"

"2023-08-19T13:22:36.561+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-6","DEBUG","Validating Password Policy and setting defaults..."

"2023-08-19T13:22:36.561+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-6","DEBUG","Exit generatePasswordFromJsonOrRule"

And when send email for new account creation, logs shows account password is null:

"2023-08-19T13:22:37.661+00:00","ecm-worker","services.ArsTaskService","quartzScheduler_Worker-6","DEBUG","Task Complete Email Template For New Account Password = null"

Thank you!

11 REPLIES 11

rushikeshvartak
All-Star
All-Star

Please share json & Security System Config


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

alc
Regular Contributor
Regular Contributor

Hello Rushikesh, thank you very much for your help. See attached 4 screenshot.

With this configuration, the target application created account with variables other than variable values. once remove the ${randompassword} variable, other variables will be correctly populated.

Thanks

 

try ${randomPassword}


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

alc
Regular Contributor
Regular Contributor

Hello Rushikesh,

Still does not work with  ${randomPassword} setting. it generated account with variables too. no variable values passed at all.

"user_password": " ${randomPassword}"

We had same issue for JarConnector as well. Now we got this issue again when using REST Connector

 

Does logs shows that passwoed is generated.

can you remove policy attached to security system and try


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

alc
Regular Contributor
Regular Contributor

Hello Rushikesh,

I have just tried as you asked. Here is the log entries in 3 situations. None of them working.  and either ${randompassword} or ${randomPassword} have same effect that trigger all attributes mapping failure:

#1. When using Password policy on Security System and No PasswordPolicyJSON on connection:

"2023-08-20T22:02:38.817+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-6","DEBUG","Entered generatePasswordFromJsonOrRule"

"2023-08-20T22:02:38.817+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-6","DEBUG","Generating password policy from security system/default policy"

"2023-08-20T22:02:38.819+00:00","ecm-worker","services.SaviyntCommonUtilityService","quartzScheduler_Worker-6","DEBUG","regex is null or empty in policy Test Password Policy"

"2023-08-20T22:02:38.820+00:00","ecm-worker","services.SaviyntCommonUtilityService","quartzScheduler_Worker-6","DEBUG","Creating password using Test Password Policy"

"2023-08-20T22:02:38.834+00:00","ecm-worker","services.WorkflowService","quartzScheduler_Worker-6","DEBUG","in checkBlackListedWords method"

"2023-08-20T22:02:38.842+00:00","ecm-worker","services.WorkflowService","quartzScheduler_Worker-6","DEBUG","dict for policy check - [blacklistedAttributes_2:, blacklistedAttributes_3:, blacklistedAttributes_1:, blacklistedAttributes_8:, blacklistedAttributes_6:, blacklistedAttributes_7:${user.username},${user.firstname},${user.lastname}, blacklistedAttributes_4:${user.username},${user.firstname},${user.lastname}, blacklistedAttributes_5:${user.username},${user.firstname},${user.lastname},${account.name}]"

"2023-08-20T22:02:38.845+00:00","ecm-worker","services.WorkflowService","quartzScheduler_Worker-6","DEBUG","dict for policy check - [useBlackListDictionary_6:0, useBlackListDictionary_5:1, useBlackListDictionary_4:1, useBlackListDictionary_3:0, useBlackListDictionary_8:0, useBlackListDictionary_7:1, useBlackListDictionary_2:0]"

"2023-08-20T22:02:38.845+00:00","ecm-worker","services.WorkflowService","quartzScheduler_Worker-6","DEBUG","enableDictionary: false"

"2023-08-20T22:02:38.845+00:00","ecm-worker","services.SaviyntCommonUtilityService","quartzScheduler_Worker-6","DEBUG","valid password: true"

"2023-08-20T22:02:38.845+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-6","DEBUG","Exit generatePasswordFromJsonOrRule"

 

"2023-08-20T22:02:40.118+00:00","ecm-worker","services.ArsTaskService","quartzScheduler_Worker-6","DEBUG","Task Complete Email Template For New Account Password = null"

 

#2. When using PasswordPolicyJSON on Connection and No Password Policy on Security System:

 

"2023-08-20T21:53:38.907+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-4","DEBUG","Entered generatePasswordFromJsonOrRule"

"2023-08-20T21:53:38.907+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-4","DEBUG","Generating password policy from password policy json"

"2023-08-20T21:53:38.907+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-4","DEBUG","Validating Password Policy and setting defaults..."

"2023-08-20T21:53:38.908+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-4","DEBUG","Exit generatePasswordFromJsonOrRule"

 

"2023-08-20T21:53:40.243+00:00","ecm-worker","services.ArsTaskService","quartzScheduler_Worker-4","DEBUG","Task Complete Email Template For New Account Password = null"

#3. Using both Password Policy on Security System and PasswordPolicyJSON:

Same effect as situation #2. looks PasswordPolicyJSON has higher priority than Password Policy on Security System

We need your help to use ${randomPassword} or ${randompassword} in createAccountJSON and sent email notification of new account password please.

Thanks

Thanks.

${password}


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

alc
Regular Contributor
Regular Contributor

Hello Rushikesh,

Yes, ${password} is working! Thanks a lot!

What about email notification? what variable should I use in email template for this new password?

Thanks,

${account_password}

You can find variables here

rushikeshvartak_0-1692661042744.png

 

 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

alc
Regular Contributor
Regular Contributor

Thank you very much Rushikesh! It works as well.

suryavav
New Contributor III
New Contributor III

Can you please share the CreateAccount JSON used