Click HERE to see how Saviynt Intelligence is transforming the industry. |
05/17/2023 10:05 AM - edited 05/17/2023 12:20 PM
We noticed all the entitlements to get inactivated in Saviynt, if the target API gives 500. We have defined successResponses (statuscode as 200) and set "doNotChangeIfFailed": true in our entitlementParams block. Still the system seems to inactive all entitlements as "disableDeletedEntitlements": true
{
"accountParams": {
"connection": "acctAuth",
"createUsers": false,
"adminName": "admin",
"processingType": "SequentialAndIterative",
"successResponses": {
"statusCode": [
200
]
},
"doNotChangeIfFailed": true,
"statusAndThresholdConfig": {
"accountsNotInImportAction": "Suspend",
"accountThresholdValue": 1000,
"deleteAccEntForActiveAccounts": true
},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://hostname.domainname/api/v1/users",
"httpContentType": "application/json",
"httpMethod": "GET",
"httpHeaders": {
"Accept": "application/json",
"token": "${access_token}",
"Authorization": "${connection.mwAuthToken}"
}
},
"listField": "",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "email~#~char",
"name": "email~#~char",
"displayName": "fullName~#~char",
"customproperty1": "id~#~char",
"customproperty10": "additionalAttributes.status~#~char",
"customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"
}
}
},
"acctEntMappings": {
"Role": {
"importAsEntitlement": true,
"listPath": "roles",
"idPath": "id",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlementID": "id~#~char",
"entitlement_value": "name~#~char",
"description": "name~#~char"
}
}
}
},
"entitlementParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"successResponses": {
"statusCode": [
200
]
},
"doNotChangeIfFailed": true,
"entTypes": {
"Role": {
"call": {
"call1": {
"connection": "acctAuth",
"callOrder": 0,
"stageNumber": 0,
"http": {
"httpHeaders": {
"Accept": "application/json",
"token": "${access_token}",
"Authorization": "${connection.mwAuthToken}"
},
"url": "https://hostname.domainname/api/v1/roles",
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "BaseRole",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlementID": "id~#~char",
"entitlement_value": "name~#~char",
"description": "name~#~char"
},
"disableDeletedEntitlements": true
}
}
}
}
},
"acctEntParams": {
"processingType": "acctToEntMapping"
}
}
When we created this Saviynt ticket - https://saviynt.freshdesk.com/support/tickets/1193763, we were on 5.5 SP 3.10 and we notice this issue even now while we are on SP 3.18 - https://saviynt.freshdesk.com/support/tickets/1629155
Logs and issue walkthrough can be referenced in the freshdesk ticket itself.
-Siva
Solved! Go to Solution.
05/17/2023 11:16 AM
Can you also define the unsuccessResponses in your JSON and see if that solves the issue.
"processingType": "SequentialAndIterative",
"successResponses": {
"statusCode": [
200
]
},
"unsuccessResponses": null,
"doNotChangeIfFailed": true,
"entTypes": {
07/10/2023 02:40 PM
It didn't resolve the issue, @SB !
Found that entThresholdValue need to be defined in StatusThresholdConfig block for the doNotChangeIfFailed tag defined in importAcctEntJson to work as expected.
"doNotChangeIfFailed": true,
SampleStatusThresholdConfig Json
{
"statusAndThresholdConfig": {
"accountThresholdValue": 100,
"inactivateAccountsNotInFile": true,
"statusColumn": "customproperty30",
"activeStatus": [
"ENABLE",
"PROVISIONED"
],
"inactivateEntsNotInFeed": true,
"entThresholdValue": {
"entType": {
"Group": {
"ent": 100
},
"Role": {
"ent": 100
}
}
}
}
}
-Siva