Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Rest connector application url binding variable not working

NM
Regular Contributor III
Regular Contributor III

Hi,

We are onbaording an application for which we first have to use a get call createaccount json to get some details and then via that in call2 create account in different table.

whenever we are passing binding variable with '$' character and same character is used in select we are getting an error, How can we resolve the same.

URL - https://abc/person/${arsTasks.accountName}?$select=Personid,accountstatus"

 

Update:

Above is resolved, I have another question relate to same .. even though we haven't added any password policy in connection and ss we could still see default password policy triggered and the one present in parent endpoint(we are using mapped endpoint concept here) doesn't match.. plus wed don't require it, Why is it even getting triggered?

In security system we have setup task action as "EntitlementOnly" to set the accountID we are making a dummy call in create account to get ID and map it.

NM_0-1706699970994.png

 

25 REPLIES 25

adarshk
Saviynt Employee
Saviynt Employee

Hi @NM  

Any Impact that you are observing for this? 
Please share the screenshot of the security system settings, also confirm what is the current version of EIC you are in 

NM
Regular Contributor III
Regular Contributor III

Hi Adarshk,

Version 23.8

SS screenshot

NM_0-1706873525179.pngNM_1-1706873554114.png

Policy Rule

NM_2-1706873568268.png

 

You need to apply in Policy rule if you want custom password policy


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

NM
Regular Contributor III
Regular Contributor III

Hi Rushikesh,

As this is a mapped endpoint (Endpoint 2) we don't want to apply any password policy but if you see below screenshot even though no policy is applied a default policy is getting triggered

*Policy rule is empty (as shown in logs as well)

NM_0-1706935735799.png

 

This is expected behaviour default password policy will be used.


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

NM
Regular Contributor III
Regular Contributor III

Does password policy gets applied for all SS? was checking the same for another endpoint(Security System) i didn't find the same in the logs..

Please explain design of application SS & Endpoint


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

NM
Regular Contributor III
Regular Contributor III

We have two endpoints.

EP1 and EP2

EP2 is a mapped endpoint to EP1(Configuration is set)

EP1 will be used to create account add role, remove role and delete account. In SS custom password policy is added.

EP2 points to same target but will only be used to add and remove user from group.(Account name should be same as EP1), No password policy is added in SS as well as in connection JSON.

In EP2 connection JSON



we are doing a dummy call(Create Account) to extract PersonID which is a unique identifier and map it to Saviynt account. Now what I have noticed a default password policy is getting triggered for EP2 which shouldn't get triggered for as it is not applied anywhere.(Screenshot attached above from logs)

EP2 is assigned to SS1 or SS2 ?


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

NM
Regular Contributor III
Regular Contributor III

SS2 .. both endpoint have separate SS

EP2 is a mapped endpoint to EP1(Configuration is set) ??


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

NM
Regular Contributor III
Regular Contributor III

Have mapped EP1 under "mapped endpoint" section of EP2

Mapped endpoint will follow Endpoint1  Policy rule


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

NM
Regular Contributor III
Regular Contributor III

Even though we have separate SS for them? Plus password policy used in SS1 doesn't match the one mentioned in logs at the time of account creation...and is it only the policy or any other attributes as well?

Password Policy applied in SS1 has minlen-8 and maxlen 18

Does password policy define at connection level also


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

NM
Regular Contributor III
Regular Contributor III

Nope, Only at SS level.

Sorry my mistake got confused with another password policy, Policy applied in SS1 is set to min 32.

 

I am confused with conflicting answers. What is Min length of SS1 password policy 8/32

rushikeshvartak_0-1707277570819.png

rushikeshvartak_1-1707277579999.png

 

 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

NM
Regular Contributor III
Regular Contributor III

Hey,

Min length is set to 32

Is there any pwd policy with minimum 16?


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

NM
Regular Contributor III
Regular Contributor III

No there isn't even with 10 as shown in logs.. I have attached it above.

Check below 

rushikeshvartak_0-1707279294314.png

select MINIMUMLENGTH from policyrule


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

NM
Regular Contributor III
Regular Contributor III

Data Analyzer result-

NM_0-1707284131846.png

 

I can see one of the password policy is 10 as minimum length


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

NM
Regular Contributor III
Regular Contributor III

But for the same policy max is set to 20.

Logs-

NM_1-1707286289828.png

 

 

It seems logs are old and password policy update share latest logs


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.