and more in a single search tool across platforms. Read the announcement here. |
09/29/2022 01:29 AM
Hi,
Below is the SAP SuccessFactors connection json used in Saviynt and throws 401 error. But through API client I can able to connect and retrieve data also. Is there any config I missed?
{
"authentications": {
"userAuth": {
"authType": "oauth2",
"url": "https://***************/oauth/token",
"httpMethod": "POST",
"httpParams": {
"company_id": "<Passed company ID>",
"client_id": "<Passed API Key>",
"grant_type": "urn:ietf:params:oauth:grant-type:saml2-bearer",
"assertion": "${refresh_token}"
},
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/x-www-form-urlencoded"
},
"httpContentType": "application/x-www-form-urlencoded",
"authError": [
"Unable to authenticate the client",
"Invalid OAuth token Bearer"
],
"retryFailureStatusCode": [
401,
403
],
"errorPath": "",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"refreshType": "RefreshToken",
"tokenType": "Bearer",
"accessToken": "Bearer ABCD",
"refreshToken": "<specify refresh token>",
"refreshTokenAuthError": [
"Unable to retrieve SAML assertion",
"The provided SAML assertion is expired"
],
"refreshTokenErrorPath": "errorMessage",
"refreshTokenCall": {
"refreshTokenResponsePath": "",
"url": "https://***************/oauth/idp",
"httpMethod": "POST",
"httpParams": {
"use_username":"true",
"client_id": "<Passed API Key>",
"user_id": "<Passed Service account username>",
"token_url": "https://************/oauth/token",
"private_key": "<Passed Private key>"
},
"httpHeaders": {
"Content-Type": "application/x-www-form-urlencoded"
}
}
}
}
}
Thanks,
Balaji Balakrishnan
09/29/2022 01:11 PM
Hi ,
even we had the same issue 2 weeks back. Please check if there is any change in the Salesforce instance URL. Basically the Postman was always successful but the old URL was working from Saviynt.
After changing the URL it worked.
Previous url - https://shell-XXXXXXXXXXXXX.my.salesforce.com
New url - https://shell-XXXXXXXXXXXXXXXX.sandbox.my.salesforce.com
09/30/2022 03:00 AM
Hi Bala,
Please find explanation below :
1. Use below link to understand all the configs are done properly at SuccessFactors end.
https://userapps.support.sap.com/sap/support/knowledge/en/2885326
2. Try below json and validate :
{
"authentications": {
"userAuth": {
"authType": "oauth2",
"url": "https://XXXXX/oauth/token",
"httpMethod": "POST",
"httpParams": {
"company_id": "XXX",
"client_id": "XXXX",
"grant_type": "urn:ietf:params:oauth:grant-type:saml2-bearer",
"assertion": "${refresh_token}"
},
"httpHeaders": {},
"httpContentType": "application/x-www-form-urlencoded",
"authError": [
"Unable to authenticate the client",
"Invalid OAuth token Bearer",
"Unable to retrieve access token"
],
"retryFailureStatusCode": [
401,
403
],
"errorPath": "",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"refreshType": "RefreshToken",
"tokenType": "Bearer",
"accessToken": "Bearer XXXXXX",
"refreshToken": "XXXXX",
"refreshTokenAuthError": [
"Unable to retrieve SAML assertion",
"The provided SAML assertion is expired"
],
"refreshTokenErrorPath": "errorMessage",
"refreshTokenCall": {
"refreshTokenResponsePath": "",
"url": "https://XXXXX/oauth/idp",
"httpMethod": "POST",
"httpParams": {
"client_id": "XXXX",
"user_id": "XXXX",
"token_url": "https://XXXX/oauth/token",
"private_key": "XXXXXXX"
},
"httpHeaders": {},
"httpContentType": "application/x-www-form-urlencoded",
"apiRateLimitConfig": {"retryAfterCalls": 50000,"retryWaitSeconds": 60}
}
}
}
}