Saviynt Forums

Hi Team,

Integration of CyberArk using Rest Connector

We are getting error while importing data using rest connector but we are able to fetch data via postman.

We are using IP only for connection and to import data as well.

PFB Error Logs, connection Json and import Json.

Error:

2024-04-26T13:51:26+05:30-ecm-worker-services.HttpClientUtilityService-quartzScheduler_Worker-1-j5kpm-DEBUG-called executeGetRequestWithHeaders for api...
2024-04-26T13:51:26+05:30-ecm-worker-services.HttpClientUtilityService-quartzScheduler_Worker-1-j5kpm-DEBUG-after calling executeRequestWithHeaders for api...
2024-04-26T13:51:26+05:30-ecm-worker-services.HttpClientUtilityService-quartzScheduler_Worker-1-j5kpm-DEBUG-called api...
2024-04-26T13:51:26+05:30-ecm-worker-services.HttpClientUtilityService-quartzScheduler_Worker-1-j5kpm-DEBUG-timeout validated for api...
2024-04-26T13:51:26+05:30-ecm-worker-services.HttpClientUtilityService-quartzScheduler_Worker-1-j5kpm-DEBUG-got response for api...
2024-04-26T13:51:26+05:30-ecm-worker-rest.RestUtilService-quartzScheduler_Worker-1-j5kpm-DEBUG-Got showLogs = true
2024-04-26T13:51:26+05:30-ecm-worker-rest.RestProvisioningService-quartzScheduler_Worker-1-j5kpm-DEBUG-Got Webservice API Response: [error:Error PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
2024-04-26T13:51:26+05:30-ecm-worker-rest.RestUtilService-quartzScheduler_Worker-1-j5kpm-DEBUG-pullObjectsByRest - responseStatusCode ::null
2024-04-26T13:51:26+05:30-ecm-worker-rest.RestUtilService-quartzScheduler_Worker-1-j5kpm-DEBUG-Got showLogs = true
2024-04-26T13:51:26+05:30-ecm-worker-rest.RestUtilService-quartzScheduler_Worker-1-j5kpm-DEBUG-Got null response statusCode with erroMsg - [error:Error PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
2024-04-26T13:51:26+05:30-ecm-worker-rest.RestProvisioningService-quartzScheduler_Worker-1-j5kpm-ERROR-Exception in getting response in pullObjectsByRest :
2024-04-26T13:51:27+05:30-ecm-worker--null-j5kpm--java.lang.Exception: NullResponseFromTarget at com.saviynt.provisoning.rest.RestUtilService.checkForErrorMsg(RestUtilService.groovy:1463) at com.saviynt.provisoning.rest.RestProvisioningService.pullObjectsByRest(RestProvisioningService.groovy:4539) at com.saviynt.provisoning.rest.RestProvisioningService.processAccountsByPagination(RestProvisioningService.groovy:4244) at com.saviynt.provisoning.rest.RestProvisioningService.processAccounts(RestProvisioningService.groovy:4171) at com.saviynt.provisoning.rest.RestProvisioningService.processAccountsFinal(RestProvisioningService.groovy:1681) at com.saviynt.provisoning.rest.RestProvisioningService.processAccountsFullBySequentialAndIterative(RestProvisioningService.groovy:1645) at com.saviynt.provisoning.rest.RestProvisioningService.importAccountsFull(RestProvisioningService.groovy:1473) at com.saviynt.provisoning.rest.RestProvisioningService.doImport(RestProvisioningService.groovy:138) at com.saviynt.ecm.integration.ExternalConnectionCallService.invokeExternalMethod(ExternalConnectionCallService.groovy:232) at SapImportJob.execute(SapImportJob.groovy:109) at org.quartz.core.JobRunShell.run(JobRunShell.java:199) at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:546)
2024-04-26T13:51:26+05:30-ecm-worker-rest.RestUtilService-quartzScheduler_Worker-1-j5kpm-DEBUG-Got showLogs = true
2024-04-26T13:51:26+05:30-ecm-worker-rest.RestUtilService-quartzScheduler_Worker-1-j5kpm-DEBUG-Got showLogs = true
2024-04-26T13:51:26+05:30-ecm-worker-rest.RestProvisioningService-quartzScheduler_Worker-1-j5kpm-DEBUG-Error while getting Account Import response for url- https://xx.xx.xx.xx/Password=******/api/Users  is: null
2024-04-26T13:51:26+05:30-ecm-worker-rest.RestProvisioningService-quartzScheduler_Worker-1-j5kpm-DEBUG-Getting response statusCode null, so failing Account Import Job

Connection Json:

{
"authentications": {
"acctAuth": {
"authType": "Basic",
"httpHeaders": {
"Accept": "application/xml",
"contentType": "application/json"
},
"authError": [
"ITATS366E",
"PASWS006E"
],
"url": "https://IP/PasswordVault/API/Auth/CyberArk/Logon ",
"httpMethod": "POST",
"httpContentType": "application/json",
"errorPath": "ErrorCode",
"maxRefreshTryCount": 5,
"tokenResponsePath": "string.content",
"authHeaderName": "Authorization",
"accessToken": "Basic ",
"httpParams": ": "
}
},
"username": "xxxxxxxxx",
"password": "xxxxx"
}

ImportAccountEntJSON:

{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"statusAndThresholdConfig": {
"statusColumn": "customproperty7",
"activeStatus": [
"true"
],
"deleteLinks": true,
"accountThresholdValue": 20,
"correlateInactiveAccounts": false,
"inactivateAccountsNotInFile": true,
"deleteAccEntForActiveAccounts": true
},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://IP/PasswordVault/api/Users ",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpMethod": "GET",
"httpContentType": "application/json"
},
"listField": "Users",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "id~#~char",
"name": "username~#~char"
},
"makeProcessingStatus": true
},
"call2": {
"callOrder": 1,
"stageNumber": 3,
"http": {
"url": "https://IP/PasswordVault/api/Users/${accountName }",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpMethod": "GET",
"httpContentType": "application/json"
},
"inputParams": {
"dependentCall": true
},
"listField": "",
"keyField": "accountID",
"nextApiKeyField": "accountID",
"colsToPropsMap": {
"name": "username~#~char",
"status": "enableUser~#~char",
"displayName": "username~#~char",
"accounttype": "userType~#~char",
"customproperty1": "source~#~char",
"customproperty2": "componentUser~#~char",
"customproperty3": "vaultAuthorization~#~char",
"customproperty5": "location~#~char",
"customproperty6": "suspended~#~char",
"customproperty7": "enableUser~#~char",
"customproperty8": "lastSuccessfulLoginDate~#~char",
"customproperty9": "unAuthorizedInterfaces~#~char",
"customproperty10": "authenticationMethod~#~char",
"customproperty11": "passwordNeverExpires~#~char",
"customproperty12": "distinguishedName~#~char",
"customproperty13": "description~#~char",
"customproperty14": "businessAddress~#~char",
"customproperty15": "internet~#~char",
"customproperty16": "phones~#~char",
"customproperty17": "personalDetails~#~char",
"accountID": "id~#~char"
}
}
}
},
"entitlementParams": {
"processingType": "SequentialAndIterative",
"entTypes": {
"Groups": {
"entTypeOrder": 0,
"entTypeLabels": {
"customproperty1": "Group Type",
"customproperty2": "Location"
},
"call": {
"call1": {
"connection": "acctAuth",
"callOrder": 0,
"stageNumber": 0,
"http": {
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"url": "https://IP/PasswordVault/api/UserGroups ",
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "value",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlementID": "id~#~char",
"entitlement_value": "groupName~#~char",
"displayname": "groupName~#~char",
"description": "description~#~char",
"entitlement_glossary": "description~#~char",
"customproperty1": "groupType~#~char",
"customproperty2": "location~#~char"
},
"disableDeletedEntitlements": true
}
}
},
"Safes": {
"entTypeOrder": 1,
"entTypeLabels": {
"customproperty1": "Safe URL ID",
"customproperty2": "Location"
},
"call": {
"call1": {
"connection": "acctAuth",
"callOrder": 0,
"stageNumber": 0,
"http": {
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"url": "https://IP/PasswordVault/api/Safes ",
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "Safes",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlementID": "SafeUrlId~#~char",
"entitlement_value": "SafeName~#~char",
"displayname": "SafeName~#~char",
"description": "Description~#~char",
"entitlement_glossary": "SafeName~#~char",
"customproperty1": "SafeUrlId~#~char",
"customproperty2": "Location~#~char"
},
"disableDeletedEntitlements": true
}
}
},
"PrivilegedAccounts": {
"entTypeOrder": 2,
"entTypeLabels": {
"customproperty1": "UserName",
"customproperty2": "Platform ID",
"customproperty3": "Safe Name",
"customproperty4": "Secret Type",
"customproperty5": "Application ID",
"customproperty6": "Active Directory ID",
"customproperty7": "automaticManagementEnabled",
"customproperty8": "Status",
"customproperty9": "lastModifiedTime",
"customproperty10": "createdTime"
},
"call": {
"call1": {
"connection": "acctAuth",
"callOrder": 0,
"stageNumber": 0,
"http": {
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"url": "https://IP/PasswordVault/api/Accounts ",
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "value",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlementID": "id~#~char",
"entitlement_value": "name~#~char",
"displayname": "name~#~char",
"description": "name~#~char",
"entitlement_glossary": "name~#~char",
"customproperty1": "userName~#~char",
"customproperty2": "platformId~#~char",
"customproperty3": "safeName~#~char",
"customproperty4": "secretType~#~char",
"customproperty5": "platformAccountProperties.ApplicationID~#~char",
"customproperty6": "platformAccountProperties.ActiveDirectoryID~#~char",
"customproperty7": "secretManagement.automaticManagementEnabled~#~char",
"customproperty8": "secretManagement.status~#~char",
"customproperty9": "secretManagement.lastModifiedTime~#~char",
"customproperty10": "createdTime~#~char"
},
"disableDeletedEntitlements": true
}
}
}
}
},
"acctEntParams": {
"connection": "acctAuth",
"entTypes": {
"Safes": {
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"showJobHistory": true,
"processingType": "httpEntToAcct",
"http": {
"httpHeaders": {
"Authorization": "${access_token}"
},
"url": "https://IP/PasswordVault/api/Safes/${id}/Members ",
"httpContentType": "application/x-www-form-urlencoded",
"httpMethod": "GET"
},
"listField": "SafeMembers",
"entKeyField": "entitlementID",
"acctIdPath": "MemberName",
"acctKeyField": "name"
}
}
}
}
},
"entMappingParams": {
"processingType": "SequentialAndIterative",
"entTypes": {
"Safes": {
"ent1KeyField": "entitlement_value",
"call": {
"call1": {
"connection": "acctAuth",
"callOrder": 0,
"stageNumber": 0,
"http": {
"httpHeaders": {
"Authorization": "${access_token}"
},
"url": "https://IP/PasswordVault/api/Accounts ",
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "value",
"ent1IdPath": "safeName",
"ent2IdPath": "id",
"ent2KeyField": "entitlementID",
"targetEntType": "PrivilegedAccounts",
"mappingTypes": [
"ENT2"
]
}
}
}
}
}
}

[This message has been edited by moderator to mask sensitive info]