09/09/2024 07:09 AM
I am trying to use a value from the first call in the second call in order to remove access. Sample response for call 1:
"message": {
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#servicePrincipals('7dd70930-xxxx-4222-914a-e1a4447f737e')/appRoleAssignedTo",
"value": [
{
"id": "_uDgeL3vz0-c7iDNyM8J4xxxxREhCugOHp-g5w",
"deletedDateTime": null,
"appRoleId": "00000000-0000-0000-0000-000000000000",
"createdDateTime": "2023-01-18T21:36:08.1326374Z",
"principalDisplayName": "Test User1",
"principalId": "78e0e0fe-efbd-4fcf-9cee-20xxxxxcf09e2",
"principalType": "User",
"resourceDisplayName": "tokentest",
"resourceId": "7dd70930-ea87-4222-914a-e1xxxxxf737e"
},
{
"id": "yCrFEkOl1kiZMv2gy1DVee_8cCxxxxsbkpFECPNm4",
"deletedDateTime": null,
"appRoleId": "00000000-0000-0000-0000-000000000000",
"createdDateTime": "2024-08-28T21:30:03.5357459Z",
"principalDisplayName": "Test User2",
"principalId": "12c52ac8-a543-48d6-9932-fdxxxx0d579",
"principalType": "User",
"resourceDisplayName": "tokentest",
"resourceId": "7dd70930-ea87-4222-914a-e1xxxxf737e"
}
]
}
Here is the JSON I am using:
{
"call": [
{
"name": "ApplicationInstance",
"connection": "${connectionName}",
"url": "https://graph.microsoft.com/v1.0/servicePrincipals/${entitlementValue.entitlementID}/appRoleAssignedTo?\\$top=999",
"httpMethod": "GET",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201
]
}
},
{
"name": "ApplicationInstance",
"connection": "${connectionName}",
"url": "https://graph.microsoft.com/v1.0/servicePrincipals/${entitlementValue.entitlementID}/appRoleAssignedTo/${if (response.ApplicationInstance1.message.value.principalId.toString().equals(account.accountID)){return response.ApplicationInstance1.message.value.objectId;} else {''}}",
"httpMethod": "DELETE",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201,
204,
205
]
}
}
]
}
The first call is successfully getting the list. The second call produces this error:
{
"error": {
"code": "Request_UnsupportedQuery",
"message": "Invalid resource identifier for EntitlementGrant.",
"innerError": {
"date": "2024-09-09T13:55:32",
"request-id": "1a9e3feb-3ae2-4c79-ba82-74ba4760105f",
"client-request-id": "1a9e3feb-3ae2-4c79-ba82-74ba4760105f"
}
}
}
09/09/2024 08:53 AM
Hi @nvachhani, for Entra ID you don't have to follow the above-mentioned process; you can directly remove the user. The Graph API has the endpoint to perform the required operation.
09/09/2024 09:15 AM
Hi,
What is the correct call? The call provided in the AzureAD Connection Guide did not work with same. @rushikeshvartak, the error is attached. We are using the OOTB AzureAD connector. The documentation has the following call using appRoleAssignments, but it is getting the same error:
{
"name": "ApplicationInstance",
"connection": "${connectionName}",
"url": "https://graph.microsoft.com/v1.0/servicePrincipals/${entitlementValue.entitlementID}/appRoleAssignments/${for (Map map : response.ApplicationInstance1.message.value){if (map.principalId.toString().equals(account.accountID)){return map.objectId;}}}",
"httpMethod": "DELETE",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200,
201,
204,
205
]
}
}
09/09/2024 10:22 AM
Does a hardcoded value work?
09/09/2024 01:10 PM
Add feedback on the documentation page about the non-working code.
09/09/2024 08:56 AM
Are you using the OOTB Azure AD or REST connector? And what error are you getting? (Share it in a text file.)
09/09/2024 12:04 PM
A hardcoded value like below is working:
09/13/2024 11:32 AM
The error provided above after hardcoding values is different from the initial error mentioned.
From the initial error, it looks like the values from call one that you're trying to parse in the call 2 URL are not being parsed well.
Were you able to find anything in the logs when you hardcoded the values, and compare it to the logs from using JSON params?
Thanks
09/10/2024 04:13 AM
@NM Which call do you suggest using instead?
09/11/2024 06:40 AM
@rushikeshvartak is there any solution for this issue? I added feedback on the documentation.
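Added example, not part of any post in the thread and not Saviynt connector code: the lookup that call 2 performs, written in Python and run against a constructed response shaped like the call 1 sample. In that sample each assignment carries its identifier in the field `id` and has no `objectId` field; the function names, the `key` parameter and all ID values here are assumptions made for illustration.

```python
import json
from urllib.parse import quote

GRAPH = "https://graph.microsoft.com/v1.0"

# Constructed response shaped like the call 1 sample; every ID is a placeholder.
SAMPLE = json.loads("""
{"message": {"value": [
  {"id": "ASSIGNMENT-ID-1", "principalType": "User",
   "principalId": "11111111-1111-1111-1111-111111111111"},
  {"id": "ASSIGNMENT-ID-2", "principalType": "User",
   "principalId": "22222222-2222-2222-2222-222222222222"}
]}}
""")


def assignment_ids(response, principal_id, key="id"):
    """Return field `key` of each assignment whose principalId matches."""
    rows = response.get("message", {}).get("value", [])
    wanted = principal_id.lower()  # GUIDs compare case-insensitively
    return [row.get(key) for row in rows
            if str(row.get("principalId", "")).lower() == wanted]


def delete_urls(response, sp_object_id, principal_id, key="id"):
    """Build one DELETE URL per matching assignment, never with an empty id."""
    ids = assignment_ids(response, principal_id, key)
    if not ids:
        raise LookupError(f"no assignment found for principal {principal_id}")
    if not all(ids):
        raise KeyError(f"field {key!r} is absent from a matching assignment")
    base = f"{GRAPH}/servicePrincipals/{sp_object_id}/appRoleAssignedTo"
    return [f"{base}/{quote(i, safe='')}" for i in ids]


if __name__ == "__main__":
    sp = "SERVICE-PRINCIPAL-OBJECT-ID"  # placeholder
    user = "22222222-2222-2222-2222-222222222222"
    print(delete_urls(SAMPLE, sp, user))            # selects by "id"
    print(assignment_ids(SAMPLE, user, "objectId"))  # [None]: no such field
```

Failing closed when the lookup returns nothing keeps the removal request from being sent with a blank assignment identifier in the URL.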