Click HERE to see how Saviynt Intelligence is transforming the industry. |
01/31/2024 12:39 AM - edited 01/31/2024 03:45 AM
Hi,
We are onbaording an application for which we first have to use a get call createaccount json to get some details and then via that in call2 create account in different table.
whenever we are passing binding variable with '$' character and same character is used in select we are getting an error, How can we resolve the same.
URL - https://abc/person/${arsTasks.accountName}?$select=Personid,accountstatus"
Update:
Above is resolved, I have another question relate to same .. even though we haven't added any password policy in connection and ss we could still see default password policy triggered and the one present in parent endpoint(we are using mapped endpoint concept here) doesn't match.. plus wed don't require it, Why is it even getting triggered?
In security system we have setup task action as "EntitlementOnly" to set the accountID we are making a dummy call in create account to get ID and map it.
02/02/2024 02:21 AM - edited 02/02/2024 02:22 AM
Hi @NM
Any Impact that you are observing for this?
Please share the screenshot of the security system settings, also confirm what is the current version of EIC you are in
02/02/2024 03:33 AM
Hi Adarshk,
Version 23.8
SS screenshot
Policy Rule
02/02/2024 08:21 PM
You need to apply in Policy rule if you want custom password policy
02/02/2024 08:49 PM - edited 02/02/2024 08:50 PM
Hi Rushikesh,
As this is a mapped endpoint (Endpoint 2) we don't want to apply any password policy but if you see below screenshot even though no policy is applied a default policy is getting triggered
*Policy rule is empty (as shown in logs as well)
02/04/2024 06:38 PM
This is expected behaviour default password policy will be used.
02/04/2024 07:25 PM
Does password policy gets applied for all SS? was checking the same for another endpoint(Security System) i didn't find the same in the logs..
02/04/2024 11:29 PM
Please explain design of application SS & Endpoint
02/04/2024 11:42 PM
We have two endpoints.
EP1 and EP2
EP2 is a mapped endpoint to EP1(Configuration is set)
EP1 will be used to create account add role, remove role and delete account. In SS custom password policy is added.
EP2 points to same target but will only be used to add and remove user from group.(Account name should be same as EP1), No password policy is added in SS as well as in connection JSON.
In EP2 connection JSON
we are doing a dummy call(Create Account) to extract PersonID which is a unique identifier and map it to Saviynt account. Now what I have noticed a default password policy is getting triggered for EP2 which shouldn't get triggered for as it is not applied anywhere.(Screenshot attached above from logs)
02/05/2024 08:31 PM
EP2 is assigned to SS1 or SS2 ?
02/05/2024 08:33 PM
SS2 .. both endpoint have separate SS
02/05/2024 08:50 PM
EP2 is a mapped endpoint to EP1(Configuration is set) ??
02/05/2024 08:53 PM
Have mapped EP1 under "mapped endpoint" section of EP2
02/05/2024 08:54 PM
Mapped endpoint will follow Endpoint1 Policy rule
02/06/2024 06:34 AM
Even though we have separate SS for them? Plus password policy used in SS1 doesn't match the one mentioned in logs at the time of account creation...and is it only the policy or any other attributes as well?
Password Policy applied in SS1 has minlen-8 and maxlen 18
02/06/2024 06:36 AM
Does password policy define at connection level also
02/06/2024 06:39 AM - edited 02/06/2024 06:40 AM
Nope, Only at SS level.
Sorry my mistake got confused with another password policy, Policy applied in SS1 is set to min 32.
02/06/2024 07:46 PM
I am confused with conflicting answers. What is Min length of SS1 password policy 8/32
02/06/2024 07:48 PM
Hey,
Min length is set to 32
02/06/2024 07:50 PM
Is there any pwd policy with minimum 16?
02/06/2024 07:52 PM
No there isn't even with 10 as shown in logs.. I have attached it above.
02/06/2024 08:15 PM
Check below
select MINIMUMLENGTH from policyrule
02/06/2024 09:36 PM
Data Analyzer result-
02/06/2024 10:08 PM
I can see one of the password policy is 10 as minimum length
02/06/2024 10:11 PM
But for the same policy max is set to 20.
Logs-
02/06/2024 10:18 PM
It seems logs are old and password policy update share latest logs