Saviynt Forums

varunpuri · ‎12/28/2022

Hi,
I am trying to configure SaviyntForSaviynt REST based. I could see that whatever payload I am specifying in the Connection JSON, I always get a "Connection Succeeded" message. Whether the URL is correct or not, whether the credentials are correct or not, I always get a "Connection Succeeded" prompt.

When I searched for in the REST connector guide, I could see that Connection JSON validation is supported. Following is mentioned in the guide :

There is an example JSON also provided in the guide for Connection JSON validation. The testConnectionParams as provided in the guide is :

Here, I have to replace the domain_name with my domain name. But, I have a few questions :

1. What is the users.json as highlighted in the above script ?
2. In the line which says : "Authorization": "${access_token}"
do we need to specify the access token which is fetched when we call the authentication API using the service account which we have created to call the Saviynt APIs ? If yes, should that access token value be preceded by the text Bearer ?

Best Regards,
Varun

rushikeshvartak · ‎12/28/2022

Instead of users.json you csn add any saviynt api or login api which returns 200

access_token internally populated with bearer

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

varunpuri · ‎12/28/2022

I am using the below JSON, but still the connection is failing Kindly assist :

{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"httpHeaders": {
"Accept": "application/json"
},
"authError": [
"InvalidAuthenticationToken"
],
"url": "https://<DOMAIN>/ECM/api/login",
"httpMethod": "POST",
"httpContentType": "application/json",
"errorPath": "error.code",
"maxRefreshTryCount": 2,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"authHeaderName": "Authorization",
"accessToken": "Bearer <ACCESS_TOKEN_HERE>",
"httpParams": "{\"username\":\"<USERNAME>\",\"password\":\"<PASSWORD>\"}",
"retryFailureStatusCode": [
401
],
"testConnectionParams": {
"http": {
"url": "https://<DOMAIN>/ECM/api/login",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"successReponse": [],
"successResponsePath": "",
"errors": [
"Couldn't authenticate you"
],
"errorPath": "error"
}
}
}
}

rushikeshvartak · ‎12/28/2022

Add successReponse like 200

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

varunpuri · ‎12/28/2022

Still the connection is failing. Updated JSON is :

{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"httpHeaders": {
"Accept": "application/json"
},
"authError": [
"InvalidAuthenticationToken"
],
"url": "https://<DOMAIN>/ECM/api/login",
"httpMethod": "POST",
"httpContentType": "application/json",
"errorPath": "error.code",
"maxRefreshTryCount": 2,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"authHeaderName": "Authorization",
"accessToken": "Bearer <ACCESS_TOKEN_HERE>",
"httpParams": "{\"username\":\"<USERNAME>\",\"password\":\"<PASSWORD>\"}",
"retryFailureStatusCode": [
401
],
"testConnectionParams": {
"http": {
"url": "https://<DOMAIN>/ECM/api/login",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"successResponses": {
"statusCode": [
200,
201
]
},
"successResponsePath": "",
"errors": [
"Couldn't authenticate you"
],
"errorPath": "error"
}
}
}
}

varunpuri · ‎12/29/2022

Hello,

Any possible resolution to this issue please ? Upon checking the logs, i saw the following, but using the same username and password, I am able to login into Saviynt SSM.

GenericProvisioningService - Calling REST callRestWebService : https://<DOMAIN>/ECMv6/api/auth/login"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.108568971Z stdout F 2022-12-29 11:53:51,108 [http-nio-8080-exec-26] DEBUG services.HttpClientUtilityService - isFipsEnabled = false"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.108587771Z stdout F 2022-12-29 11:53:51,108 [http-nio-8080-exec-26] DEBUG services.HttpClientUtilityService - getHttpClient - sslParams : null"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.108600771Z stdout F 2022-12-29 11:53:51,108 [http-nio-8080-exec-26] DEBUG services.HttpClientUtilityService - getHttpClient - proxyParams : null"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.108617171Z stdout F 2022-12-29 11:53:51,108 [http-nio-8080-exec-26] DEBUG services.HttpClientUtilityService - getHttpClient - sslSocketFactory : null"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.169769592Z stdout F 2022-12-29 11:53:51,169 [http-nio-8080-exec-26] DEBUG services.HttpClientUtilityService - getHttpClient - HttpClientBuilder.create().build() called."
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313831284Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG generic.GenericProvisioningService - responseStatusCode: 403"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313852384Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG rest.RestUtilService - Entered getResponseHeaders method"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313858084Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG generic.GenericProvisioningService - Webservice call failed - https://<DOMAIN>/ECMv6/api/auth/login"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313860884Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG generic.GenericProvisioningService - HTTP error code : 403"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313863284Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG generic.GenericProvisioningService - Error Message: <html>"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313866084Z stdout F <head><title>403 Forbidden</title></head>"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313868884Z stdout F <body>"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313872184Z stdout F <center><h1>403 Forbidden</h1></center>"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313874884Z stdout F <hr><center>nginx</center>"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313877384Z stdout F </body>"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313879684Z stdout F </html>"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313881884Z stdout F "
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313888984Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG generic.GenericProvisioningService - REST service call took: 0.205 seconds"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313891584Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG microservice.MicroserviceApiCallService - Exit validateUserApi() method.."
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313893884Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG services.UsersService - Invalid username or password...**"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313905684Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG services.UsersService - After calling clear cach MS API"

rushikeshvartak · ‎12/29/2022

access_token": "Bearer <ACCESS_TOKEN_HERE>",

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

varunpuri · ‎01/01/2023

@rushikeshvartak - I made this change but still the connection is failing. I have opened a ticket in freshdesk for the same.

Will post the resolution as and when I get it. Appreciate your help.

rushikeshvartak · ‎01/02/2023

This is error 403

https://<DOMAIN>/ECMv6/api/auth/login"

it should be ECM instead of ECMv6

can you check connector configuration or microservice configuration

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

varunpuri · ‎01/02/2023

The ConnectionJSON which I am using has ECM only. Snapshot below :

rushikeshvartak · ‎01/02/2023

Is it working from postman

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

varunpuri · ‎01/02/2023

Postman is disabled in customer environment. However, I have tried to call this API using Powershell ISE. It is generating the access token successfully. Snippet attached. Please note that I have removed the username and password from the snippet :

IAM_99 · ‎03/15/2023

Can you try this JSON

~~~~~~~~~~~~~~~~~~~~~~~~~~

{
"authentications": {
"Saviynt4Saviynt": {
"authType": "oauth2",
"httpHeaders": {
"Accept": "application/json"
},
"authError": ["InvalidAuthenticationToken"],
"url": "https://XXXXX-XXXXXX/ECM/api/login",
"httpMethod": "POST",
"httpContentType": "application/json",
"errorPath": "error.code",
"maxRefreshTryCount": 2,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"authHeaderName": "Authorization",
"accessToken": "abc",
"httpParams": "{\"username\":\"XXXXXXX\",\"password\":\"XXXXXXXXXX\"}",
"retryFailureStatusCode": [401]
}
}
}