Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Saviynt REST API OAUTH based Authentication

LokeshSoundar1
New Contributor
New Contributor

Hi,

As per the Saviynt REST API documentation, we can generate access token using below two methods,

1. By passing username and password

2. By passing refresh token.

As per my understanding, though we are generating access token using the credentials in the first approach, it is not technically oauth flow as we aren't passing any grant type.

So if the client wants to use oauth, we had to chose the second approach. But I couldn't find any docunmentation that provide steps to reauthenticate again if the refresh token is expired.

Noticed below information in the release notes,

The OAuth 2.0 refresh tokens issued by Saviynt can be invalidated at any time, and applications that use such tokens, such as applications that use the API and older versions of Saviynt’s ServiceNow app must ensure graceful handling of such refresh token invalidation. The recommended approach to automatically and gracefully handle this is for applications to perform another authentication when encountering an invalid token error, which can be a programmatic or interactive call to the login API using either stored credentials or those prompted by a user again. In the event an application has hardcoded the refresh token, it should be updated with the re-authentication process. If such an application cannot be updated, the refresh token must be manually regenerated and updated upon refresh token invalidation

But still it doesn't clarify how I can gracefully handle the refresh token invalidation. We have also been made aware that refresh token get invalidated everytime we upgrade to newer version. Is this still the case? What is the default expiry period for refresh token? is there any way we can update that default value for the refresh token expiry period?

 

Regards

Lokesh

4 REPLIES 4

sudeshjaiswal
Saviynt Employee
Saviynt Employee

Hello Lokesh,

Did you refer the document : 
https://docs.saviyntcloud.com/bundle/Dev-Handbook-REST-v24x/page/Content/Developers-Handbook.htm
You may refer the example of Static Refresh Token: 

In this scenario, access tokens expire after a specific time period but refresh tokens never expire. Therefore, refresh tokens are used as new access tokens. To regenerate a refresh token, specify values for the following attributes: 
urlhttpMethodhttpParamshttpHeaders, and httpContentType.

Thanks,
Sudesh

If you find the above response useful, Kindly Mark it as "Accept As Solution".

LokeshSoundar1
New Contributor
New Contributor

Hi Sudesh,

I need help with understanding how the Saviynt REST API works  (https://documenter.getpostman.com/view/23973797/2s9Yyy8JLo)

Not with respect to the capability of the REST connector.

 

Regards

Lokesh

Hello @LokeshSoundar1,

Could you please share your specific use case or requirements and I’ll be happy to provide more  assistance further.

Thanks,

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Hi Sudesh,

As I mentioned in the original post, If we use the refresh token (https://documenter.getpostman.com/view/23973797/2s9Yyy8JLo#dc20c9e5-9202-4a9b-be6d-274c337a550d) for the Saviynt REST API to generate access token for authentication, how can we regenerate the refresh token programatically without manual intervention. Since the refresh token gets invalidated every time there is a version upgrade, we want to understand this. I have explained this in much detail in the original post.