and more in a single search tool across platforms. Read the announcement here. |
11/08/2022 02:53 AM
Hi,
We are trying to configure the SuccessFactors connector but are receiving an error on add and test.
The error logs are showing a 401 and "DEBUG rest.RestUtilService - Exception in RestUtilService.refreshAccessToken : org.apache.commons.lang.UnhandledException: org.codehaus.groovy.grails.web.converters.exceptions.ConverterException: org.codehaus.groovy.grails.web.json.JSONException: Misplaced key: expected mode of KEY but was OBJECT"
The connection details work in Postman.
We have also tried the template and the example json from the Freshdesk guide. The example does not include the params check so we are able to save, however, the user import fails.
Is there anything we should be aware of or check?
11/08/2022 03:41 AM
Please share masked connection details. It seems credentials are wrong
11/08/2022 04:32 AM
Can you share the connection json over here?
Integration with SF is 2 step process if you have validated via postman :
1. oAuth IDP call : Provide here client_id/user_id/token_url/private_key
2. oAuth Token generation. : Provide here company_id/client_id/grant_type/assertion
11/08/2022 05:16 AM
Hi, below is the json. I have replaced any custom data with "xxxx" so you know what we have configured.
We configured all the fields that you mentioned, Manu. The assertion we placed in the refresh token field.
{
"authentications": {
"userAuth": {
"authType": "oauth2",
"url": "https://xxxx/oauth/token",
"httpMethod": "POST",
"httpParams": {
"company_id": "xxxx",
"client_id": "xxxx",
"grant_type": "urn:ietf:params:oauth:grant-type:saml2-bearer",
"assertion": "${refresh_token}"
},
"httpHeaders": {},
"httpContentType": "application/x-www-form-urlencoded",
"authError": [
"Unable to authenticate the client",
"Invalid OAuth token Bearer",
"Unable to retrieve access token"
],
"retryFailureStatusCode": [
401,
403
],
"errorPath": "",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"refreshType": "RefreshToken",
"tokenType": "Bearer",
"accessToken": "Bearer xxxx",
"refreshToken": "xxxx",
"testConnectionParams": {
"http": {
"url": "https://xxxx/odata/v2/User?$select=username,empId,firstName,lastName,custom01,custom13,email&$filter=status+in+'active'+,+'inactive'+and+lastModifiedWithTZ+ge+datetime'2019-11-04T17:30:00'&asOfDate=2099-01-01",
"httpContentType": "application/x-www-form-urlencoded",
"httpMethod": "GET",
"apiPath": "/User?$select=username,empId,firstName,lastName,custom01,custom13,email&$filter=status+in+'active'+,+'inactive'+and+lastModifiedWithTZ+ge+datetime'2019-11-04T17:30:00'&asOfDate=2099-01-01",
"requestBody": "",
"httpParams": {}
},
"successResponse": [],
"successResponsePath": "responseText",
"errors": [
"fail",
"error"
],
"errornPath": "responseText"
},
"refreshTokenAuthError": [
"Unable to retrieve SAML assertion",
"The provided SAML assertion is expired"
],
"refreshTokenErrorPath": "errorMessage",
"refreshTokenCall": {
"refreshTokenResponsePath": "",
"url": "https://xxxx/oauth/idp",
"httpMethod": "POST",
"httpParams": {
"client_id": "xxxx",
"user_id": "xxxx",
"token_url": "https://xxxx/oauth/token",
"private_key": "xxxx"
},
"httpHeaders": {},
"httpContentType": "application/x-www-form-urlencoded"
}
}
}
}
11/08/2022 06:10 AM
Can you try with below json once :
{
"authentications": {
"userAuth": {
"authType": "oauth2",
"url": "https://XXXXX/oauth/token",
"httpMethod": "POST",
"httpParams": {
"company_id": "XXXX",
"client_id": "XXXX",
"grant_type": "urn:ietf:params:oauth:grant-type:saml2-bearer",
"assertion": "${refresh_token}"
},
"httpHeaders": {},
"httpContentType": "application/x-www-form-urlencoded",
"authError": [
"Unable to authenticate the client",
"Invalid OAuth token Bearer",
"Unable to retrieve access token"
],
"retryFailureStatusCode": [
401,
403
],
"errorPath": "",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"refreshType": "RefreshToken",
"tokenType": "Bearer",
"accessToken": "Bearer XXXXXX",
"refreshToken": "XXXXXX",
"refreshTokenAuthError": [
"Unable to retrieve SAML assertion",
"The provided SAML assertion is expired"
],
"refreshTokenErrorPath": "errorMessage",
"refreshTokenCall": {
"refreshTokenResponsePath": "",
"url": "https://XXXX/oauth/idp",
"httpMethod": "POST",
"httpParams": {
"client_id": "XXX",
"user_id": "XXXX",
"token_url": "https://XXXXX/oauth/token",
"private_key": "XXXXXX"
},
"httpHeaders": {},
"httpContentType": "application/x-www-form-urlencoded",
"apiRateLimitConfig": {
"retryAfterCalls": 50000,
"retryWaitSeconds": 60
}
}
}
}
}
11/08/2022 08:30 AM
Thank you, Manish,
Unfortunately, that also fails.
Are you able to confirm what should be provided for fields accessToken and refreshToken, please?
11/08/2022 11:07 AM
ImportAccountEntJSON
--------------------------------------
{"accountParams":{"connection":"SuccessFactors","processingType":"SequentialAndIterative","statusAndThresholdConfig":{"statusColumn":"customproperty11","activeStatus":["Active"],"deleteLinks":true,"accountThresholdValue":1000,"correlateInactiveAccounts":false,"inactivateAccountsNotInFile":true,"deleteAccEntForActiveAccounts":true},"call":{"call1":{"callOrder":0,"stageNumber":0,"http":{"url":"@@BASE_URL@@/odata/v2/User?$select=username,empId,firstName,lastName,custom01,custom13,email&$filter=status+in+'active'+,+'inactive'+and+lastModifiedWithTZ+ge+datetime'2019-11-15T17:30:00'&asOfDate=2099-01-01","httpHeaders":{"Authorization":"${access_token}","Accept":"application/json"},"httpContentType":"application/json","httpMethod":"GET"},"listField":"d.results","keyField":"accountID","colsToPropsMap":{"accountID":"empId~#~char","name":"username~#~char","status":"status~#~char","customproperty1":"firstName~#~char","customproperty2":"lastName~#~char","customproperty3":"custom13~#~char","customproperty4":"email~#~char","customproperty11":"status~#~char"},"pagination":{"nextUrl":{"nextUrlPath":"${response?.completeResponseMap?.d.__next == null ?null : response?.completeResponseMap?.'d.__next'}"}}}}},"entitlementParams":{"connection":"SuccessFactors","processingType":"SequentialAndIterative","entTypes":{"DynamicGroups":{"entTypeOrder":0,"call":{"call1":{"callOrder":0,"stageNumber":0,"http":{"url":"@@BASE_URL@@/DynamicGroups","httpHeaders":{"Authorization":"${access_token}","Accept":"application/json"},"httpContentType":"application/json","httpMethod":"GET"},"listField":"d.results","keyField":"entitlementID","colsToPropsMap":{"entitlementID":"groupID~#~char","entitlement_value":"groupName~#~char","customproperty1":"groupType~#~char","customproperty2":"lastModifiedDate~#~char"}}}},"RBPRoles":{"entTypeOrder":1,"call":{"call1":{"callOrder":0,"stageNumber":0,"http":{"url":"@@BASE_URL@@/RBPRoles","httpHeaders":{"Authorization":"${access_token}","Accept":"application/json"},"httpContentType":"application/json","httpMethod":"GET"},"listField":"d.results","keyField":"entitlementID","colsToPropsMap":{"entitlementID":"roleId~#~char","entitlement_value":"roleName~#~char","customproperty1":"roleDesc~#~char","customproperty2":"userType~#~char","customproperty3":"lastModifiedDate~#~char"}}}}}},"acctEntParams":{"connection":"SuccessFactors","entTypes":{"DynamicGroups":{"call":{"call1":{"callOrder":0,"stageNumber":0,"processingType":"httpAcctToEnt","http":{"httpHeaders":{"Authorization":"${access_token}"},"url":"@@BASE_URL@@/DynamicGroupsByUser?userId=${id}","httpContentType":"application/x-www-form-urlencoded","httpMethod":"GET"},"listField":"d.results","entIdPath":"groupId","entKeyField":"entitlementID","acctKeyField":"accountID"}}},"RBPRoles":{"call":{"call1":{"callOrder":0,"stageNumber":0,"processingType":"httpAcctToEnt","http":{"httpHeaders":{"Authorization":"${access_token}"},"url":"@@BASE_URL@@/GetUserRolesByUserId?userId=${id}","httpContentType":"application/x-www-form-urlencoded","httpMethod":"GET"},"listField":"d.results","entIdPath":"roleId","entKeyField":"entitlementID","acctKeyField":"accountID"}}}}}}
11/09/2022 01:06 AM
Hi Rushikesh,
We haven't gotten any further than the connectionjson yet.
11/08/2022 09:06 PM
AccessToken : This is the Bearer token that would have been extracted when you made the following postman call. https://XXXXXX/oauth/token
refreshToken : This is the token value generated when you have made the first call using following payload URL : https://XXXXX/oauth/idp
11/09/2022 12:49 AM
Thank you for confirming. That is what we have been using so this is not the issue.
Is there anything else we could try?