Saviynt Forums

Gurukrishna96 · ‎07/16/2024

Hello All,

Based on the sample payloads below, we are trying to configure Remove Access and Remove account JSONs -

Payload for removing access -

PUT /interop/rest/security/v2/groups/removeusersfromgroup

{

"groupname": "G1",

"users": [

{

"userlogin": "jdoe"

},

{

"userlogin": "chris"

}

]

}

__________________________________________________________

Payload for Remove Account -

https://<BASE-URL>/interop/rest/security/v2/users/remove

{

"users":

[

{

"userlogin": "jdoe"

},

{

"userlogin": "chris"

}

]

}

________________________________________________________________________________

JSONs -

Remove Access JSON -

{
"call": [
{
"name": "group removal",
"connection": "acctAuth",
"url": "https://removed.oraclecloud.com/interop/rest/security/v2/groups/removeusersfromgroup ",
"httpMethod": "PUT",
"httpParams": {"groupname": "${entitlementValue.entitlementID}","users":[{"userlogin": "${account.accountID}"}]},
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200
]
}
}
]
}

___________________________________________________

Remove Account JSON

{
"call": [
{
"name": "account",
"connection": "acctAuth",
"url": "https://removed.oraclecloud.com/interop/rest/security/v2/users/remove ",
"httpMethod": "POST",
"httpParams": {
"users": [
{
"userlogin": "${account.accountID}"
}
]
},
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200
]
}
}
]
}

[This message has been edited by moderator to disable URL hyperlink]

Gurukrishna96 · ‎07/16/2024

We are seeing below errors while processing the tasks -

quartzScheduler_Worker-7-r72nh","DEBUG","Calling removeAccount in rest with Sec System - OracleEPM_GRPlan and tasklist - [sav2.test2@wbdcontractor.com:[com.saviynt.ecm.task.ArsTasks : 3731]]"
Line 343: "2024-07-16T07:58:12.653+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-7-r72nh","DEBUG","initializing Provisioning connection"
Line 344: "2024-07-16T07:58:12.655+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-7-r72nh","DEBUG","Completing task - 3731"
Line 345: "2024-07-16T07:58:12.671+00:00","ecm-worker","services.SaviyntCommonUtilityService","quartzScheduler_Worker-7-r72nh","DEBUG","Enter getStandardBindingVariable"
Line 346: "2024-07-16T07:58:12.672+00:00","ecm-worker","services.SaviyntCommonUtilityService","quartzScheduler_Worker-7-r72nh","DEBUG","arsTasks.requestAccessKey: null"
Line 347: "2024-07-16T07:58:12.672+00:00","ecm-worker","services.SaviyntCommonUtilityService","quartzScheduler_Worker-7-r72nh","DEBUG","Exit getStandardBindingVariable"
Line 348: "2024-07-16T07:58:12.672+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-7-r72nh","DEBUG","Total Call: 1"
Line 349: "2024-07-16T07:58:12.681+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-7-r72nh","DEBUG","pastResponse: [message:No signature of method: com.saviynt.provisoning.rest.RestUtilService.getDynamicBindString() is applicable for argument types: (java.util.LinkedHashMap, java.util.HashMap) values: [[users:[[userlogin:${account.accountID}]]], ...]"
Line 351: "2024-07-16T07:58:12.681+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-7-r72nh","DEBUG","Enter getAuditForFailedCall"
Line 352: "2024-07-16T07:58:12.688+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-7-r72nh","DEBUG","connection: acctAuth"
Line 353: "2024-07-16T07:58:12.709+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-7-r72nh","ERROR","Error in processWebservicegroovy.lang.MissingMethodException: No signature of method: com.saviynt.provisoning.rest.RestUtilService.getDynamicBindString() is applicable for argument types: (java.util.LinkedHashMap, java.util.HashMap) values: [[users:[[userlogin:${account.accountID}]]], ...]"
Line 355: "2024-07-16T07:58:12.710+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-7-r72nh","DEBUG","Enter encryptHeaders"
Line 356: "2024-07-16T07:58:12.710+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-7-r72nh","DEBUG","Exit encryptHeaders"
Line 357: "2024-07-16T07:58:12.711+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-7-r72nh","DEBUG","Task Response: {"auditDetails":{"account":[{"message":"No signature of method: com.saviynt.provisoning.rest.RestUtilService.getDynamicBindString() is applicable for argument types: (java.util.LinkedHashMap, java.util.HashMap) values: [[users:[[userlogin:${account.accountID}]]], ...]\nPossible solutions: getDynamicBindString(java.lang.String, java.util.Map)","status":"Failed"},{"message":"No signature of method: com.saviynt.provisoning.rest.RestUtilService.getDynamicBindString() is applicable for argument types: (java.util.LinkedHashMap, java.util.HashMap) values: [[users:[[userlogin:${account.accountID}]]], ...]\nPossible solutions: getDynamicBindString(java.lang.String, java.util.Map)","status":"Failed"}]},"account":{"message":"No signature of method: com.saviynt.provisoning.rest.RestUtilService.getDynamicBindString() is applicable for argument types: (java.util.LinkedHashMap, java.util.HashMap) values: [[users:[[userlogin:${account.accountID}]]], ...]\nPossible solutions: getDynamicBindString(java.lang.String, java.util.Map)","status":"Failed"}}"
Line 358: "2024-07-16T07:58:12.711+00:00","ecm-worker","rest.RestProvisioningService","quartzScheduler_Worker-7-r72nh","DEBUG","Result: false"

__________________________________________________

Could you please suggest what needs to be updated in JSON

NM · ‎07/16/2024

Hi @Gurukrishna96 ,

Try this

httpParams": "{"groupname": "${entitlementValue.entitlementID}","users":[{"userlogin": "${account.accountID}"}]}",

Add backslash before double quotes..

If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

Gurukrishna96 · ‎07/17/2024

Hi @NM Thanks, I am able to get remove account working this way but Remove Access is still not working. I am seeing the same error as above

rushikeshvartak · ‎07/17/2024

Share working Remove Access JSON

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Gurukrishna96 · ‎07/17/2024

Remove Access JSON is not working. Remove account JSON is working, please check -

{
"call": [
{
"name": "account",
"connection": "acctAuth",
"url": "https://wbdplandev-wbd.epm.us-ashburn-1.ocs.oraclecloud.com/interop/rest/security/v2/users/remove",
"httpMethod": "POST",
"httpParams": "{\"users\":[{\"userlogin\": \"${account.accountID}\"}]}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200
]
}
}
]
}

gwagh · ‎07/18/2024

Hi @Gurukrishna96 , Where did you pass the Entitlement/Access name or ID in JSON ?

Ex. "httpParams": "{ \"groupname\": \"${entitlementValue.entitlementID}\",\"users\":[{\"userlogin\": \"${account.accountID}\"}]}",

Gurukrishna96 · ‎07/18/2024

Please check this. It is similar to what you have put in example -

{
"call": [
{
"name": "group removal",
"connection": "acctAuth",
"url": "https://wbdplandev-wbd.epm.us-ashburn-1.ocs.oraclecloud.com/interop/rest/security/v2/groups/removeus...",
"httpMethod": "PUT",
"httpParams": "{\"groupname\": \"${entitlementValue.entitlementID}\",\"users\":[{\"userlogin\": \"${account.accountID}\"}]}",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200
]
}
}
]
}

rushikeshvartak · ‎07/18/2024

What is your entitlement type name under endpoint - Entitlement Types - view detail icon

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

gwagh · ‎07/18/2024

Hi @Gurukrishna96 ,

"name": "group removal"

Here you need to pass Entitlment Type. Ex- Role/Groups.

Regards,
Gaurav Wagh
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

rushikeshvartak · ‎07/16/2024

Please share postman screenshot and curl command [Refer https://codingnconcepts.com/postman/how-to-generate-curl-command-from-postman/ ]

⚠️‼️‼️Do not upload any attachments that contain sensitive information, such as IP Addresses, URLs, Company/Employee Names, Email Addresses, etc.‼️‼️⚠️

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Gurukrishna96 · ‎07/17/2024

@rushikeshvartak
Below is cURL response for Remove Account -

curl --location 'https://xxxx-test-wbd.epm.us-ashburn-1.ocs.oraclecloud.com//interop/rest/security/v2/users/remove' \

--header 'Content-Type: application/json' \

--header 'Authorization: ••••••' \

--data '{

"users":

[

{

"userlogin": "jdoe"

},

{

"userlogin": "chris"

}

]

}'

_______________________________________________
Remove Access

curl --location --request PUT 'https://removed.oraclecloud.com/interop/rest/security/v2/groups/removeusersfromgroup' \

--header 'Content-Type: application/json' \

--header 'Authorization: ••••••' \

--header 'Cookie: JSESSIONID=l3C54X5GdRt2S54Eepx8nOzhGmht_dUFldIr5dzFiTBKR!1615952024; _WL_AUTHCOOKIE_JSESSIONID=BEP7uovyMHZuGm7kh1eR' \

--data '{

"groupname": "G1",

"users": [

{

"userlogin": "jdoe"

},

{

"userlogin": "chris"

}

]

}'

NM · ‎07/17/2024

@Gurukrishna96 HTTP Method should be PUT instead of POST

{
"call": [
{
"name": "account",
"connection": "acctAuth",
"url": "https://wbdplandev-wbd.epm.us-ashburn-1.ocs.oraclecloud.com/interop/rest/security/v2/users/remove",
"httpMethod": "PUT",
"httpParams": "{\"users\":[{\"userlogin\": \"${account.accountID}\"}]}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200
]
}
}
]
}

If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

Gurukrishna96 · ‎07/18/2024

Hi @NM I have selected the POST method for account removal as per Oracle EPM docs.
Remove account is working correctly (the above json).

However, remove access json is not working which uses the PUT method.

NM · ‎07/18/2024

Hi @Gurukrishna96 , share your remove access json not the account one.

If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

Gurukrishna96 · ‎07/18/2024

Hi @NM Please check -

{
"call": [
{
"name": "group removal",
"connection": "acctAuth",
"url": "https://wbdplandev-wbd.epm.us-ashburn-1.ocs.oraclecloud.com/interop/rest/security/v2/groups/removeus...",
"httpMethod": "PUT",
"httpParams": "{\"groupname\": \"${entitlementValue.entitlementID}\",\"users\":[{\"userlogin\": \"${account.accountID}\"}]}",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200
]
}
}
]
}

NM · ‎07/18/2024

Instead of group removal name should be your entitlement type name

"call": [

{

"name": "entitlement type name"

If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

Gurukrishna96 · ‎07/19/2024

Thanks @NM @gwagh @rushikeshvartak This resolved the issue. I was assuming something was wrong with the payload.

One ques - How do we move deleted accounts to "suspended from import service" status, I can only see the status changed to "Manually Suspended". I have checked in Postman and account does not exist any more. I have also run the import job.

I have added below part in Import JSON -

"statusAndThresholdConfig": {
"inactivateAccountsNotInFile": true
}

rushikeshvartak · ‎07/19/2024

Share full Status threshold config

{
"statusAndThresholdConfig":
{
"statusColumn": "customproperty30",
"activeStatus": ["1"],
"deleteLinks": false,
"accountThresholdValue": 0,
"correlateInactiveAccounts": false,
"inactivateAccountsNotInFile": true
}
}

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

NM · ‎07/19/2024

Hi @Gurukrishna96 , make this false

inactivateAccountsNotInFile": false

Thanks

If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

Saviynt Forums

Remove Access/Account tasks failing for REST based connections