Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP SuccessFactor connectivity issue

bala
New Contributor II
New Contributor II

‎09/29/2022 01:29 AM

 

Hi,

Below is the SAP SuccessFactors connection json used in Saviynt and throws 401 error. But through API client I can able to connect and retrieve data  also. Is there any config I missed? 

{
"authentications": {
"userAuth": {
"authType": "oauth2",
"url": "https://***************/oauth/token",
"httpMethod": "POST",
"httpParams": {
"company_id": "<Passed company ID>",
"client_id": "<Passed API Key>",
"grant_type": "urn:ietf:params:oauth:grant-type:saml2-bearer",
"assertion": "${refresh_token}"
},
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/x-www-form-urlencoded"
},
"httpContentType": "application/x-www-form-urlencoded",
"authError": [
"Unable to authenticate the client",
"Invalid OAuth token Bearer"
],
"retryFailureStatusCode": [
401,
403
],
"errorPath": "",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"refreshType": "RefreshToken",
"tokenType": "Bearer",
"accessToken": "Bearer ABCD",
"refreshToken": "<specify refresh token>",
"refreshTokenAuthError": [
"Unable to retrieve SAML assertion",
"The provided SAML assertion is expired"
],
"refreshTokenErrorPath": "errorMessage",
"refreshTokenCall": {
"refreshTokenResponsePath": "",
"url": "https://***************/oauth/idp",
"httpMethod": "POST",
"httpParams": {
"use_username":"true",
"client_id": "<Passed API Key>",
"user_id": "<Passed Service account username>",
"token_url": "https://************/oauth/token",
"private_key": "<Passed Private key>"
},
"httpHeaders": {
"Content-Type": "application/x-www-form-urlencoded"
}
}
}
}

Thanks,

Balaji Balakrishnan

Labels:
0 Kudos
2 REPLIES 2

riteshkumar
Saviynt Employee
Saviynt Employee

‎09/29/2022 01:11 PM

Hi ,

even we had the same issue 2 weeks back. Please check if there is any change in the Salesforce instance URL. Basically the Postman was always successful but the old URL was working from Saviynt. 

After changing the URL it worked. 

Previous url -  https://shell-XXXXXXXXXXXXX.my.salesforce.com
New url - https://shell-XXXXXXXXXXXXXXXX.sandbox.my.salesforce.com

 
0 Kudos

Manu269
All-Star
All-Star

‎09/30/2022 03:00 AM

Hi Bala,

Please find explanation below :

1. Use below link to understand all the configs are done properly at SuccessFactors end.

https://userapps.support.sap.com/sap/support/knowledge/en/2885326

2. Try below json and validate :

{
"authentications": {
"userAuth": {
"authType": "oauth2",
"url": "https://XXXXX/oauth/token",
"httpMethod": "POST",
"httpParams": {
"company_id": "XXX",
"client_id": "XXXX",
"grant_type": "urn:ietf:params:oauth:grant-type:saml2-bearer",
"assertion": "${refresh_token}"
},
"httpHeaders": {},
"httpContentType": "application/x-www-form-urlencoded",
"authError": [
"Unable to authenticate the client",
"Invalid OAuth token Bearer",
"Unable to retrieve access token"
],
"retryFailureStatusCode": [
401,
403
],
"errorPath": "",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"refreshType": "RefreshToken",
"tokenType": "Bearer",
"accessToken": "Bearer XXXXXX",
"refreshToken": "XXXXX",
"refreshTokenAuthError": [
"Unable to retrieve SAML assertion",
"The provided SAML assertion is expired"
],
"refreshTokenErrorPath": "errorMessage",
"refreshTokenCall": {
"refreshTokenResponsePath": "",
"url": "https://XXXXX/oauth/idp",
"httpMethod": "POST",
"httpParams": {
"client_id": "XXXX",
"user_id": "XXXX",
"token_url": "https://XXXX/oauth/token",
"private_key": "XXXXXXX"
},
"httpHeaders": {},
"httpContentType": "application/x-www-form-urlencoded",
"apiRateLimitConfig": {"retryAfterCalls": 50000,"retryWaitSeconds": 60}
}
}
}
}

 

Regards
Manish Kumar
If the response answered your query, please Accept As Solution and Kudos
.
0 Kudos
Copyright © 2024 Khoros, LLC