Saviynt Forums

NM · ‎01/31/2024

Hi,

We are onbaording an application for which we first have to use a get call createaccount json to get some details and then via that in call2 create account in different table.

whenever we are passing binding variable with '$' character and same character is used in select we are getting an error, How can we resolve the same.

URL - https://abc/person/${arsTasks.accountName}?$select=Personid,accountstatus"

Update:

Above is resolved, I have another question relate to same .. even though we haven't added any password policy in connection and ss we could still see default password policy triggered and the one present in parent endpoint(we are using mapped endpoint concept here) doesn't match.. plus wed don't require it, Why is it even getting triggered?

In security system we have setup task action as "EntitlementOnly" to set the accountID we are making a dummy call in create account to get ID and map it.

adarshk · ‎02/02/2024

Hi @NM

Any Impact that you are observing for this?
Please share the screenshot of the security system settings, also confirm what is the current version of EIC you are in

NM · ‎02/02/2024

Hi Adarshk,

Version 23.8

SS screenshot

Policy Rule

rushikeshvartak · ‎02/02/2024

You need to apply in Policy rule if you want custom password policy

Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

NM · ‎02/02/2024

Hi Rushikesh,

As this is a mapped endpoint (Endpoint 2) we don't want to apply any password policy but if you see below screenshot even though no policy is applied a default policy is getting triggered

*Policy rule is empty (as shown in logs as well)

rushikeshvartak · ‎02/04/2024

This is expected behaviour default password policy will be used.

Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

NM · ‎02/04/2024

Does password policy gets applied for all SS? was checking the same for another endpoint(Security System) i didn't find the same in the logs..

rushikeshvartak · ‎02/04/2024

Please explain design of application SS & Endpoint

Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

NM · ‎02/04/2024

We have two endpoints.

EP1 and EP2

EP2 is a mapped endpoint to EP1(Configuration is set)

EP1 will be used to create account add role, remove role and delete account. In SS custom password policy is added.

EP2 points to same target but will only be used to add and remove user from group.(Account name should be same as EP1), No password policy is added in SS as well as in connection JSON.

In EP2 connection JSON

we are doing a dummy call(Create Account) to extract PersonID which is a unique identifier and map it to Saviynt account. Now what I have noticed a default password policy is getting triggered for EP2 which shouldn't get triggered for as it is not applied anywhere.(Screenshot attached above from logs)

rushikeshvartak · ‎02/05/2024

EP2 is assigned to SS1 or SS2 ?

Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

NM · ‎02/05/2024

SS2 .. both endpoint have separate SS

rushikeshvartak · ‎02/05/2024

EP2 is a mapped endpoint to EP1(Configuration is set) ??

Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

NM · ‎02/05/2024

Have mapped EP1 under "mapped endpoint" section of EP2

rushikeshvartak · ‎02/05/2024

Mapped endpoint will follow Endpoint1 Policy rule

Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

NM · ‎02/06/2024

Even though we have separate SS for them? Plus password policy used in SS1 doesn't match the one mentioned in logs at the time of account creation...and is it only the policy or any other attributes as well?

Password Policy applied in SS1 has minlen-8 and maxlen 18

rushikeshvartak · ‎02/06/2024

Does password policy define at connection level also

Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

NM · ‎02/06/2024

Nope, Only at SS level.

Sorry my mistake got confused with another password policy, Policy applied in SS1 is set to min 32.

rushikeshvartak · ‎02/06/2024

I am confused with conflicting answers. What is Min length of SS1 password policy 8/32

Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

NM · ‎02/06/2024

Hey,

Min length is set to 32

rushikeshvartak · ‎02/06/2024

Is there any pwd policy with minimum 16?

Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

NM · ‎02/06/2024

No there isn't even with 10 as shown in logs.. I have attached it above.

rushikeshvartak · ‎02/06/2024

Check below

select MINIMUMLENGTH from policyrule

Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

NM · ‎02/06/2024

Data Analyzer result-

rushikeshvartak · ‎02/06/2024

I can see one of the password policy is 10 as minimum length

Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

NM · ‎02/06/2024

But for the same policy max is set to 20.

Logs-

rushikeshvartak · ‎02/06/2024

It seems logs are old and password policy update share latest logs

Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

Saviynt Forums

Rest connector application url binding variable not working