Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

REST Connector - Pass token in a header cookie

Miha
New Contributor III
New Contributor III

Hello,

We want to integrate Saviynt with Centric application and need some help with the rest connector syntax configuration, as the token must be passed in a cookie for subsequent API calls.

  • Authentication. In order to be able to initiate any GET queries, a session must be established first to authenticate in Centric server as a valid user. In Postman, this is done by hitting a POST request, as described below. In the body we have username and pwd, and the response returns a security token.

Miha_0-1724749920348.png

Response cookies:

Miha_1-1724750567099.png

  • Retrieve data. Once the above step is complete, next I can run a GET call in Postman. In the request headers - Cookie, I noticed we have the combination of the response cookies from step 1 (jsessionid, csrf token, security tokenURL).

Miha_2-1724750839868.png

In Postman, this works perfectly fine.

In Saviynt, it doesn't. I need help to configure the connector to pass the cookie(s) when making GET calls.

Furthermore, to make sure this would work, I tried some cURL queries directly from SC2 client:

  • First, I generated and stored the token to use in subsequent operations. Here I extracted just the JSESSIONID
TOKEN=$(curl -s -k -X POST https:/ABCDhost/session \
    -H "Content-Type: application/json" \
    -d '{"username": "abcduser", "password": "abcdpass"}' \
    -D - | grep -i 'Set-Cookie' | sed -n 's/.*JSESSIONID=\([^;]*\).*/\1/p')
  • Then, I ran a GET call to retrieve 2 users, using the token from previous step:
curl -k -X GET "https://ABDhost/ABCDusers?skip=0&limit=2" -H "Cookie: JSESSIONID=$TOKEN"
 

This worked in the SC2 client (with JSESSIONID only), I retrieved 2 users.

How to pass the token in a cookie in Saviynt REST Connector? (connection JSON to pass the token in a cookie + a sample of account import json would be helpful).

I know that passing multiple cookies is not supported, but can I specify at least one cookie parameter generated in the POST call response - e.g., jsessionid?

I already tried the template from rest developer guide, it is not working.

Thank you.

 

6 REPLIES 6

sudeshjaiswal
Saviynt Employee
Saviynt Employee

Hello @Miha ,
You can create the dummy connection json,
do the authentication while doing the operations ,: like the same give for createaccountjson below.
Please check the below sample: 

connectionJSON:
{
	"authentications": {
		"acctAuth": {
			"authType": "oauth2",
			"url": "****",
			"httpMethod": "POST",
			"httpParams": {
				"clientId": "****",
				"secret": "***"
			},
			"httpHeaders": {
				"Content-Type": "application/json"
			},
			"httpContentType": "application/json",
			"successResponses": {
				"statusCode": [
					200
				]
			},
			"unsuccessResponses": {
				"statusCode": [
					400,
					401,
					403,
					404,
					408,
					500
				]
			},
			"retryFailureStatusCode": [
				400,
				401,
				403,
				404,
				408,
				500
			],
			"maxRefreshTryCount": 5,
			"timeOutError": "Read timed out",
			"tokenResponsePath": "#HEADERS#Set-Cookie",
			"tokenType": "",
			"authHeaderName": "Cookie",
			"accessToken": "****"
		}
	}
}
Create account json
{
	"accountIdPath": "call1.message.user.name",
	"call": [{
		"name": "call1",
		"connection": "acctAuth",
		"url": "******",
		"httpMethod": "POST",
		"httpParams": "{****}",
		"httpHeaders": {
			"Cookie": "${access_token}",
			"x-XSRF-TOKEN": "${access_token.substring(access_token.indexOf('XSRF-TOKEN=') + 11, access_token.indexOf(';', access_token.indexOf('XSRF-TOKEN=')))}",
			"Accept": "application/json"
		},
		"httpContentType": "application/json",
		"successResponses": {
			"statusCode": [200, 201]
		},
		"unsuccessResponses": {
			"statusCode": [
				400,
				401,
				403,
				404,
				408,
				500
			]
		}
	}]
}

 Thanks

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Miha
New Contributor III
New Contributor III

Hi, thanks for reply.

Will that work with Basic authentication as well (not oauth)?

Hello @Miha,

I doubt, but you may give a try to confirm.

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Miha
New Contributor III
New Contributor III

Hello,

It does not work (I have basic auth).

I tried to run accout import.

First, in the connection json, I retrieve the cookie, then I need to store it somehow to pass it when import runs next. 

Is that supported at all?

Thank you,

Hello,

Can you share your connections json for basic auth and sample postman screenshot of the first api that returns the cookie value.

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Miha
New Contributor III
New Contributor III

Hello,

Sorry for the late reply.

I added everything in the word document attached.

This does not work; I am not able to retrieve any accounts.

Just to recap:

When running any GET operations, I must send in the Headers section of the API call>Cookie parameter, the details that were fetched in the Create session POST API call (this is the first call I am specifying the connection JSON in Saviynt).

How can I do that in Saviynt connector? How to store the cookies that must be sent every time I am trying to fetch the users?

Let me know if you need more info from my end.

Thank you.