Click HERE to see how Saviynt Intelligence is transforming the industry. |
08/13/2024 02:17 AM - edited 08/13/2024 02:23 AM
Hi,
As per the Saviynt REST API documentation, we can generate access token using below two methods,
1. By passing username and password
2. By passing refresh token.
As per my understanding, though we are generating access token using the credentials in the first approach, it is not technically oauth flow as we aren't passing any grant type.
So if the client wants to use oauth, we had to chose the second approach. But I couldn't find any docunmentation that provide steps to reauthenticate again if the refresh token is expired.
Noticed below information in the release notes,
The OAuth 2.0 refresh tokens issued by Saviynt can be invalidated at any time, and applications that use such tokens, such as applications that use the API and older versions of Saviynt’s ServiceNow app must ensure graceful handling of such refresh token invalidation. The recommended approach to automatically and gracefully handle this is for applications to perform another authentication when encountering an invalid token error, which can be a programmatic or interactive call to the login API using either stored credentials or those prompted by a user again. In the event an application has hardcoded the refresh token, it should be updated with the re-authentication process. If such an application cannot be updated, the refresh token must be manually regenerated and updated upon refresh token invalidation
But still it doesn't clarify how I can gracefully handle the refresh token invalidation. We have also been made aware that refresh token get invalidated everytime we upgrade to newer version. Is this still the case? What is the default expiry period for refresh token? is there any way we can update that default value for the refresh token expiry period?
Regards
Lokesh
08/16/2024 01:54 AM
Hello Lokesh,
Did you refer the document :
https://docs.saviyntcloud.com/bundle/Dev-Handbook-REST-v24x/page/Content/Developers-Handbook.htm
You may refer the example of Static Refresh Token:
In this scenario, access tokens expire after a specific time period but refresh tokens never expire. Therefore, refresh tokens are used as new access tokens. To regenerate a refresh token, specify values for the following attributes: url, httpMethod, httpParams, httpHeaders, and httpContentType.
Thanks,
Sudesh
08/16/2024 02:16 AM
Hi Sudesh,
I need help with understanding how the Saviynt REST API works (https://documenter.getpostman.com/view/23973797/2s9Yyy8JLo)
Not with respect to the capability of the REST connector.
Regards
Lokesh
08/16/2024 02:27 AM
Hello @LokeshSoundar1,
Could you please share your specific use case or requirements and I’ll be happy to provide more assistance further.
Thanks,
08/19/2024 05:33 AM
Hi Sudesh,
As I mentioned in the original post, If we use the refresh token (https://documenter.getpostman.com/view/23973797/2s9Yyy8JLo#dc20c9e5-9202-4a9b-be6d-274c337a550d) for the Saviynt REST API to generate access token for authentication, how can we regenerate the refresh token programatically without manual intervention. Since the refresh token gets invalidated every time there is a version upgrade, we want to understand this. I have explained this in much detail in the original post.