We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

SaviyntForSaviynt REST

varunpuri
Regular Contributor
Regular Contributor

Hi,
I am trying to configure SaviyntForSaviynt REST based. I could see that whatever payload I am specifying in the Connection JSON, I always get a "Connection Succeeded" message. Whether the URL is correct or not, whether the credentials are correct or not, I always get a "Connection Succeeded" prompt. 

When I searched for in the REST connector guide, I could see that Connection JSON validation is supported. Following is mentioned in the guide :

varunpuri_0-1672227759699.png

There is an example JSON also provided in the guide for Connection JSON validation. The testConnectionParams as provided in the guide is :

varunpuri_2-1672227976656.png

Here, I have to replace the domain_name with my domain name. But, I have a few questions :

1. What is the users.json as highlighted in the above script ?
2. In the line which says : "Authorization": "${access_token}"
    do we need to specify the access token which is fetched when we call the authentication API using the service account which we have created to call the Saviynt APIs ? If yes, should that access token value be preceded by the text Bearer ?

Best Regards,
Varun

12 REPLIES 12

rushikeshvartak
All-Star
All-Star

Instead of users.json you csn add any saviynt api or login api which returns 200

access_token internally populated with bearer


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

varunpuri
Regular Contributor
Regular Contributor

I am using the below JSON, but still the connection is failing Kindly assist :

{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"httpHeaders": {
"Accept": "application/json"
},
"authError": [
"InvalidAuthenticationToken"
],
"url": "https://<DOMAIN>/ECM/api/login",
"httpMethod": "POST",
"httpContentType": "application/json",
"errorPath": "error.code",
"maxRefreshTryCount": 2,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"authHeaderName": "Authorization",
"accessToken": "Bearer <ACCESS_TOKEN_HERE>",
"httpParams": "{\"username\":\"<USERNAME>\",\"password\":\"<PASSWORD>\"}",
"retryFailureStatusCode": [
401
],
"testConnectionParams": {
"http": {
"url": "https://<DOMAIN>/ECM/api/login",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"successReponse": [],
"successResponsePath": "",
"errors": [
"Couldn't authenticate you"
],
"errorPath": "error"
}
}
}
}

 

Add successReponse like 200


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

varunpuri
Regular Contributor
Regular Contributor

Still the connection is failing. Updated JSON is :

{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"httpHeaders": {
"Accept": "application/json"
},
"authError": [
"InvalidAuthenticationToken"
],
"url": "https://<DOMAIN>/ECM/api/login",
"httpMethod": "POST",
"httpContentType": "application/json",
"errorPath": "error.code",
"maxRefreshTryCount": 2,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"authHeaderName": "Authorization",
"accessToken": "Bearer <ACCESS_TOKEN_HERE>",
"httpParams": "{\"username\":\"<USERNAME>\",\"password\":\"<PASSWORD>\"}",
"retryFailureStatusCode": [
401
],
"testConnectionParams": {
"http": {
"url": "https://<DOMAIN>/ECM/api/login",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"successResponses": {
"statusCode": [
200,
201
]
},
"successResponsePath": "",
"errors": [
"Couldn't authenticate you"
],
"errorPath": "error"
}
}
}
}

varunpuri
Regular Contributor
Regular Contributor

Hello,

Any possible resolution to this issue please ? Upon checking the logs, i saw the following, but using the same username and password, I am able to login into Saviynt SSM.

GenericProvisioningService - Calling REST callRestWebService : https://<DOMAIN>/ECMv6/api/auth/login"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.108568971Z stdout F 2022-12-29 11:53:51,108 [http-nio-8080-exec-26] DEBUG services.HttpClientUtilityService - isFipsEnabled = false"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.108587771Z stdout F 2022-12-29 11:53:51,108 [http-nio-8080-exec-26] DEBUG services.HttpClientUtilityService - getHttpClient - sslParams : null"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.108600771Z stdout F 2022-12-29 11:53:51,108 [http-nio-8080-exec-26] DEBUG services.HttpClientUtilityService - getHttpClient - proxyParams : null"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.108617171Z stdout F 2022-12-29 11:53:51,108 [http-nio-8080-exec-26] DEBUG services.HttpClientUtilityService - getHttpClient - sslSocketFactory : null"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.169769592Z stdout F 2022-12-29 11:53:51,169 [http-nio-8080-exec-26] DEBUG services.HttpClientUtilityService - getHttpClient - HttpClientBuilder.create().build() called."
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313831284Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG generic.GenericProvisioningService - responseStatusCode: 403"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313852384Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG rest.RestUtilService - Entered getResponseHeaders method"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313858084Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG generic.GenericProvisioningService - Webservice call failed - https://<DOMAIN>/ECMv6/api/auth/login"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313860884Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG generic.GenericProvisioningService - HTTP error code : 403"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313863284Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG generic.GenericProvisioningService - Error Message: <html>"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313866084Z stdout F <head><title>403 Forbidden</title></head>"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313868884Z stdout F <body>"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313872184Z stdout F <center><h1>403 Forbidden</h1></center>"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313874884Z stdout F <hr><center>nginx</center>"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313877384Z stdout F </body>"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313879684Z stdout F </html>"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313881884Z stdout F "
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313888984Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG generic.GenericProvisioningService - REST service call took: 0.205 seconds"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313891584Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG microservice.MicroserviceApiCallService - Exit validateUserApi() method.."
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313893884Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG services.UsersService - Invalid username or password...**"
"ecm","2022-12-29T11:53:51.496+0000","2022-12-29T11:53:51.313905684Z stdout F 2022-12-29 11:53:51,313 [http-nio-8080-exec-26] DEBUG services.UsersService - After calling clear cach MS API"

access_token": "Bearer <ACCESS_TOKEN_HERE>",


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

varunpuri
Regular Contributor
Regular Contributor

@rushikeshvartak - I made this change but still the connection is failing. I have opened a ticket in freshdesk for the same. 

Will post the resolution as and when I get it. Appreciate your help.

This is error 403 

https://<DOMAIN>/ECMv6/api/auth/login"

it should be ECM instead of ECMv6

can you check connector configuration or microservice configuration 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

varunpuri
Regular Contributor
Regular Contributor

The ConnectionJSON which I am using has ECM only. Snapshot below :

varunpuri_0-1672663083080.png

 

Is it working from postman


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

varunpuri
Regular Contributor
Regular Contributor

Postman is disabled in customer environment. However, I have tried to call this API using Powershell ISE. It is generating the access token successfully. Snippet attached. Please note that I have removed the username and password from the snippet :

varunpuri_0-1672663591515.png

 

IAM_99
Regular Contributor II
Regular Contributor II

Can you try this JSON

~~~~~~~~~~~~~~~~~~~~~~~~~~

 

{
"authentications": {
"Saviynt4Saviynt": {
"authType": "oauth2",
"httpHeaders": {
"Accept": "application/json"
},
"authError": ["InvalidAuthenticationToken"],
"url": "https://XXXXX-XXXXXX/ECM/api/login",
"httpMethod": "POST",
"httpContentType": "application/json",
"errorPath": "error.code",
"maxRefreshTryCount": 2,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"authHeaderName": "Authorization",
"accessToken": "abc",
"httpParams": "{\"username\":\"XXXXXXX\",\"password\":\"XXXXXXXXXX\"}",
"retryFailureStatusCode": [401]
}
}
}