Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

REST - connectionJSON passing variable parameters in Authentication call

rebeccajenkins
New Contributor
New Contributor

‎04/24/2023 07:03 AM

Do the REST API connectionJSONs support the following use case, and are there any recommendations for implementing it?

We are needing to integrate with an API that uses two steps for authentication:
1. The service account hits one endpoint to register with a client_id and client_secret, then
2. The client_id and client_secret are passed as parameters to a second endpoint call to generate an access token that is used in subsequent requests

The complexity we are trying to account for is, the client information cannot be hardcoded into the connectionJSON as the client_secret expires at regular intervals (e.g., every 30 days). We can only hardcode the service account username and password in httpParams, used in the first step of retrieving the required authentication data. We need client_id and client_secret as variables in the httpParams section of the second call. In the Developer's handbook, I see examples of using data from one response body in the headers for a second call, however these calls are logically separate and do not automatically iterate. 

Please let me know if this is possible to accommodate for, or if there is additional information I can provide. 

0 Kudos
5 REPLIES 5

SB
Saviynt Employee
Saviynt Employee

‎04/26/2023 10:49 AM

Can you share the postman collection for both the calls to be used. I will need to check if this can be achieved and the postman collection will def help.


Regards,
Sahil
0 Kudos

rebeccajenkins
New Contributor
New Contributor
In response to SB

‎04/28/2023 05:08 AM

Hi Sahil,

Unfortunately there is not public Postman documentation I can post. However, I can share the logic with you:

1. Hit a /v2/auth/register endpoint with service account username, password and the API key client_id to check for renewing an expired client_secret (e.g., POST <domain>/api/v2/auth/register username=Username&password=Password&client_id=Client_Id

2. Hit a /v2/auth/token endpoint with username, client_id and client_secret renewed from previous step to retrieve an access token that will be used in subsequent calls, such as for account / entitlement import and any access actions (e.g., POST <domain>/api/v2/auth/token username=Username&client_id=Client_Id&client_secret=Client_Secret)

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to rebeccajenkins

‎04/28/2023 07:05 AM

Did you tried multicall in connection json ?

does id & secret always changes ?


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

rebeccajenkins
New Contributor
New Contributor
In response to rushikeshvartak

‎04/28/2023 07:18 AM

We are trying to get this configured properly in a multi-call connectionJson, yes. The client_id should be static, but the client_secret needs occasionally refreshed and the access_token in the second call needs occasionally refreshed, as well. 

I am looking for suggestions in passing a variable retrieved in the first call as a parameter in the second call, which will also retrieve a variable value for subsequent calls. If I just missed this section in the Developer's handbook, please let me know. 

0 Kudos

SB
Saviynt Employee
Saviynt Employee

‎06/08/2023 09:01 AM

Can you confirm if this was resolved. If not, can you share the Postman dump of both your calls.


Regards,
Sahil
0 Kudos
Copyright © 2024 Khoros, LLC