Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Token is not re-generated after it expires

Manoj901
New Contributor
New Contributor

Hi Team,

I am using REST connector for an application integration, the token is working only for 6 min and after that it is expired, I have used refresh_token to re-generate the token but it is not working. Here is my conneciton json and import account json

 

{
"authentications": {
"userAuth": {
"authType": "oauth2",
"url": "http://XXX",
"contentType":"application/x-www-form-urlencoded",
"httpParams": {
"grant_type": "refresh_token",
"refresh_token": "${refresh_token}"
},
"httpHeaders": {
"Authentication":"Basic ODI1NjgzNjpURVNUSU5H",
"Accept":"*/*"
},
"authError": [
"InvalidAuthenticationToken",
"AuthenticationFailed",
"Authentication_MissingOrMalformed",
"Authentication_ExpiredToken"
],
"httpMethod": "POST",
"httpContentType": "application/x-www-form-urlencoded",
"refreshType": "RefreshToken",
"refreshTokenResponsePath": "refresh_token",
"refreshToken": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4MjU2ODM2IiwiaXNzIjoiS05PV2JpbGl0eSIsImlhdCI6MTY4OTAyMDk2OCwiZXhwIjoxNjg5MDY0MTY4LCJ0eXAiOiJyZWZyZXNoIn0.oAreMAZkST1XB7TpBliTxnCpCwC03sw3mwKtzQC_2wGwJeQNfBN6ijP_PPfRnWBCfVGLujBsT08moQsIyiPt5g",
"timeOutError": "Read timed out",
"errorPath": "error.code",
"maxRefreshTryCount": 1,
"authHeaderName": "Authentication",
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"retryFailureStatusCode": [
401,403,500
],
"accessToken": "Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4MjU2ODM2IiwiaXNzIjoiS05PV2JpbGl0eSIsImlhdCI6MTY4OTAyMDk2OCwiZXhwIjoxNjg5MDIxNTY4LCJ0eXAiOiJhY2Nlc3MifQ.2NSgDZXbsCA1ES7j1qHGI-CXBjlo_eqEW26hy63Pe0mq87e_OZQjQcNelMbJsvxhicGrdXK918qRB0MVsrJYNg"
}
}
}

=========

{
"accountParams": {
"connection": "userAuth",
"processingType": "SequentialAndIterative",
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "http://xxx/v1/user",
"httpHeaders": {
"Authentication" : "${access_token}",
"Accept": "application/json"
},
"httpMethod": "GET"
},
"listField": "list",
"keyField": "accountID",
"statusConfig": {
"active": "true",
"inactive": "false"
},
"colsToPropsMap": {
"accountID": "userId~#~char",
"name": "userId~#~char"
}
}
}
},
"entitlementParams": {},
"acctEntParams": {}
}

and here is the logs:

2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=connectionname Value=Knowbility
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=triggerscount Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=CreateTicketJSON Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=selectedImportoption Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=enddate Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=requestHostURL Value=telus-testclone.ssmcloud.net
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=cronexpression Value=0 15 10 * * ? 2099
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=registerwebhooksfilter Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=accessDetailsFilterForSite Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=ValidateOtpJSON Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=org.grails.plugins.quartz.grailsJobName Value=ApplicationDataImportJob
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=STATUS_THRESHOLD_CONFIG Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=connectionid Value=44
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=connectiontype Value=REST
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=RemoveAccountJSON Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=ChangePassJSON Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=accountfilter Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=accessDetailsFilterForList Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=import_config Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=updateUser Value=235822
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=accessDetailsFilterForItem Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=incrementalstartdatetime Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=MODIFYUSERDATAJSON Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=RemoveAccessJSON Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=DisableAccountJSON Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=jobtriggername Value=knowbility_account_import
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=accessdetailchilddatafilter Value=
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=fullorincremental Value=full
2023-07-12/20:48:02.400 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Key=incrementalenddatetime Value=
2023-07-12/20:48:02.408 [{}] [quartzScheduler_Worker-1] DEBUG services.ImportUtilityService - Endpoint 'Knowbility' found for the Security System 'Knowbility' with Endpointkey: 66
2023-07-12/20:48:02.408 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - *******endpoint=Knowbility and secSystem=Knowbility******************
2023-07-12/20:48:02.411 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Job Type : full
2023-07-12/20:48:02.411 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Import-Type : accounts
2023-07-12/20:48:02.411 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Loading Start for Security System - Knowbility
2023-07-12/20:48:02.411 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Finding Endpoint for the security System - Knowbility
2023-07-12/20:48:02.416 [{}] [quartzScheduler_Worker-1] DEBUG services.ImportUtilityService - Endpoint 'Knowbility' found for the Security System 'Knowbility' with Endpointkey: 66
2023-07-12/20:48:02.450 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - processAccountsFullBySequentialAndIterative - params.origParams.stageNumber : null
2023-07-12/20:48:02.452 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - callStageNumber : 0
2023-07-12/20:48:02.452 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - callStageNumber: 0
2023-07-12/20:48:02.452 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - stageNumber: null
2023-07-12/20:48:02.452 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - processAccountsFullBySequentialAndIterative - Not Multitrigger call
2023-07-12/20:48:02.452 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Inside processAccountsFinal.
2023-07-12/20:48:02.454 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Inside processAccounts.
2023-07-12/20:48:02.510 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Inside pullObjectsByRest
2023-07-12/20:48:02.510 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestUtilService - Got showLogs = true
2023-07-12/20:48:02.510 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Calling Webservice Url - http://amdocsapi-pt168.tmi.telus.com:31002/kb-api/v1/user with httpParams - null
2023-07-12/20:48:02.510 [{}] [quartzScheduler_Worker-1] DEBUG services.HttpClientUtilityService - isFipsEnabled = false
2023-07-12/20:48:02.510 [{}] [quartzScheduler_Worker-1] DEBUG services.HttpClientUtilityService - getHttpClient - sslParams : null
2023-07-12/20:48:02.510 [{}] [quartzScheduler_Worker-1] DEBUG services.HttpClientUtilityService - getHttpClient - proxyParams : null
2023-07-12/20:48:02.510 [{}] [quartzScheduler_Worker-1] DEBUG services.HttpClientUtilityService - getHttpClient - sslSocketFactory : null
2023-07-12/20:48:02.511 [{}] [quartzScheduler_Worker-1] DEBUG services.HttpClientUtilityService - getHttpClient - HttpClientBuilder.create().build() called.
2023-07-12/20:48:05.169 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestUtilService - Got showLogs = true
2023-07-12/20:48:05.170 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Got Webservice API Response: [headers:[Cache-Control: no-cache, no-store, max-age=0, must-revalidate, Date: Wed, 12 Jul 2023 20:48:05 GMT, Pragma: no-cache, Transfer-Encoding: chunked, Content-Type: application/json, Expires: 0, X-Frame-Options: DENY, X-XSS-Protection: 1; mode=block, X-Content-Type-Options: nosniff], responseText:{"timestamp":"2023-07-12T20:48:05.065+0000","status":401,"error":"Unauthorized","code":"UNAUTHORIZED_REQUEST","message":"Authentication failed","path":"GET /kb-api/v1/user"}, cookies:[], statusCode:401]
2023-07-12/20:48:05.170 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - pullObjectsByRest - responseStatusCode ::401
2023-07-12/20:48:05.170 [{}] [quartzScheduler_Worker-1] ERROR rest.RestProvisioningService - Exception in pullObjectsByRest :401
2023-07-12/20:48:05.170 [{}] [quartzScheduler_Worker-1] ERROR rest.RestProvisioningService - Inside token Expiry Exception block. connectionParamMap.refreshTryCount : 0
2023-07-12/20:48:05.170 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Incrementing connectionParamMap.refreshTryCount : 1
2023-07-12/20:48:05.170 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - maxRefreshTryCount : 1
2023-07-12/20:48:05.202 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestUtilService - Calling http://amdocsapi-pt168.tmi.telus.com:31002/kb-api/v1/auth/login/access_token
2023-07-12/20:48:05.202 [{}] [quartzScheduler_Worker-1] DEBUG services.HttpClientUtilityService - isFipsEnabled = false
2023-07-12/20:48:05.202 [{}] [quartzScheduler_Worker-1] DEBUG services.HttpClientUtilityService - getHttpClient - sslParams : null
2023-07-12/20:48:05.202 [{}] [quartzScheduler_Worker-1] DEBUG services.HttpClientUtilityService - getHttpClient - proxyParams : null
2023-07-12/20:48:05.202 [{}] [quartzScheduler_Worker-1] DEBUG services.HttpClientUtilityService - getHttpClient - sslSocketFactory : null
2023-07-12/20:48:05.203 [{}] [quartzScheduler_Worker-1] DEBUG services.HttpClientUtilityService - getHttpClient - HttpClientBuilder.create().build() called.
2023-07-12/20:48:05.436 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestUtilService - fetching result from response.responseText
2023-07-12/20:48:05.466 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - access token populated for oauth authentication..
2023-07-12/20:48:05.517 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Inside pullObjectsByRest
2023-07-12/20:48:05.517 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestUtilService - Got showLogs = true
2023-07-12/20:48:05.517 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Calling Webservice Url - http://amdocsapi-pt168.tmi.telus.com:31002/kb-api/v1/user with httpParams - null
2023-07-12/20:48:05.517 [{}] [quartzScheduler_Worker-1] DEBUG services.HttpClientUtilityService - isFipsEnabled = false
2023-07-12/20:48:05.517 [{}] [quartzScheduler_Worker-1] DEBUG services.HttpClientUtilityService - getHttpClient - sslParams : null
2023-07-12/20:48:05.517 [{}] [quartzScheduler_Worker-1] DEBUG services.HttpClientUtilityService - getHttpClient - proxyParams : null
2023-07-12/20:48:05.517 [{}] [quartzScheduler_Worker-1] DEBUG services.HttpClientUtilityService - getHttpClient - sslSocketFactory : null
2023-07-12/20:48:05.518 [{}] [quartzScheduler_Worker-1] DEBUG services.HttpClientUtilityService - getHttpClient - HttpClientBuilder.create().build() called.
2023-07-12/20:48:05.757 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestUtilService - Got showLogs = true
2023-07-12/20:48:05.757 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Got Webservice API Response: [headers:[Cache-Control: no-cache, no-store, max-age=0, must-revalidate, Date: Wed, 12 Jul 2023 20:48:05 GMT, Pragma: no-cache, Transfer-Encoding: chunked, Content-Type: application/json, Expires: 0, X-Frame-Options: DENY, X-XSS-Protection: 1; mode=block, X-Content-Type-Options: nosniff], responseText:{"timestamp":"2023-07-12T20:48:05.688+0000","status":401,"error":"Unauthorized","code":"UNAUTHORIZED_REQUEST","message":"Authentication failed","path":"GET /kb-api/v1/user"}, cookies:[], statusCode:401]
2023-07-12/20:48:05.757 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - pullObjectsByRest - responseStatusCode ::401
2023-07-12/20:48:05.757 [{}] [quartzScheduler_Worker-1] ERROR rest.RestProvisioningService - Exception in pullObjectsByRest :401
2023-07-12/20:48:05.757 [{}] [quartzScheduler_Worker-1] ERROR rest.RestProvisioningService - Inside token Expiry Exception block. connectionParamMap.refreshTryCount : 1
2023-07-12/20:48:05.757 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Incrementing connectionParamMap.refreshTryCount : 2
2023-07-12/20:48:05.757 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - maxRefreshTryCount : 1
2023-07-12/20:48:05.757 [{}] [quartzScheduler_Worker-1] ERROR rest.RestProvisioningService - Exception in token refresh : null
2023-07-12/20:48:05.757 [{}] [quartzScheduler_Worker-1] ERROR rest.RestProvisioningService - Error WebService call failed After retrying 1 times with responseStatusCode-null, Failed url-http://amdocsapi-pt168.tmi.telus.com:31002/kb-api/v1/user, Error Message - null
2023-07-12/20:48:05.757 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Decrementing connectionParamMap.refreshTryCount : 1
2023-07-12/20:48:05.757 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Decrementing connectionParamMap.refreshTryCount : 0
2023-07-12/20:48:05.757 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestUtilService - Got showLogs = true
2023-07-12/20:48:05.758 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestUtilService - Got showLogs = true
2023-07-12/20:48:05.758 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Error while getting Account Import response for url- http://amdocsapi-pt168.tmi.telus.com:31002/kb-api/v1/user is: null
2023-07-12/20:48:05.758 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Getting response statusCode null, so failing Account Import Job
2023-07-12/20:48:05.765 [{}] [quartzScheduler_Worker-1] DEBUG services.ImportUtilityService - Entered markStatusBasedOnThreshold
2023-07-12/20:48:05.765 [{}] [quartzScheduler_Worker-1] DEBUG services.ImportUtilityService - statusAndThresholdConfig is empty
2023-07-12/20:48:05.765 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Mapping Users to accounts.
2023-07-12/20:48:05.765 [{}] [quartzScheduler_Worker-1] DEBUG saviynt.ImportExternalDbService - Associating Users and Accounts
2023-07-12/20:48:05.811 [{}] [quartzScheduler_Worker-1] DEBUG saviynt.ImportExternalDbService - Orphan Accounts- 607
2023-07-12/20:48:05.811 [{}] [quartzScheduler_Worker-1] DEBUG saviynt.ImportExternalDbService - Rule: (users.username) = accounts.name
2023-07-12/20:48:05.811 [{}] [quartzScheduler_Worker-1] DEBUG saviynt.ImportExternalDbService - sql =
SELECT USERS.USERKEY AS USERKEY, ACCOUNTS.ACCOUNTKEY AS ACCOUNTKEY FROM ACCOUNTS ACCOUNTS
LEFT JOIN USER_ACCOUNTS UA ON ACCOUNTS.ACCOUNTKEY = UA.ACCOUNTKEY
LEFT JOIN USERS USERS ON
(users.username) = accounts.name
WHERE ACCOUNTS.ENDPOINTKEY = 66 AND ACCOUNTS.STATUS IN ('Active','1','Manually Provisioned')
AND ACCOUNTS.ACCOUNTKEY IS NOT NULL AND UA.ACCOUNTKEY IS NULL
AND ACCOUNTS.NAME IS NOT NULL AND USERS.USERNAME IS NOT NULL

2023-07-12/20:48:05.820 [{}] [quartzScheduler_Worker-1] DEBUG saviynt.ImportExternalDbService - Total accounts to be correlated = 0
2023-07-12/20:48:05.820 [{}] [quartzScheduler_Worker-1] DEBUG saviynt.ImportExternalDbService - User-accounts correlated: 0
2023-07-12/20:48:05.825 [{}] [quartzScheduler_Worker-1] DEBUG saviynt.ImportExternalDbService - Orphan Accounts remaining- 607
2023-07-12/20:48:05.825 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestProvisioningService - Mapping of Users to Accounts is Completed.
2023-07-12/20:48:05.825 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestUtilService - Writing job history to import logs.
2023-07-12/20:48:05.825 [{}] [quartzScheduler_Worker-1] DEBUG rest.RestUtilService - Number of log entries to be written : 4
2023-07-12/20:48:05.870 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - END INVOKING EXTERNAL CONNECTION
2023-07-12/20:48:05.904 [{}] [quartzScheduler_Worker-1] DEBUG jobs.ApplicationDataImportJob - Setting the value of import status
2023-07-12/20:48:05.904 [{}] [quartzScheduler_Worker-1] DEBUG jobs.ApplicationDataImportJob - Import status :: Failure
2023-07-12/20:48:05.904 [{}] [quartzScheduler_Worker-1] DEBUG services.EmailerService - Sending Import Failure Notification Email
2023-07-12/20:48:05.905 [{}] [quartzScheduler_Worker-1] DEBUG services.EmailerService - Email Template not found or is not configured
2023-07-12/20:48:05.905 [{}] [quartzScheduler_Worker-1] DEBUG services.EmailerService - End sending Import Notification Email
2023-07-12/20:48:05.905 [{}] [quartzScheduler_Worker-1] DEBUG integration.ExternalConnectionCallService - Enter consolidateConcurrentChildTriggerLogs
2023-07-12/20:48:05.905 [{}] [quartzScheduler_Worker-1] DEBUG services.SaviyntCommonUtilityService - Enter runNextTrigger
2023-07-12/20:48:05.905 [{}] [quartzScheduler_Worker-1] DEBUG services.SaviyntCommonUtilityService - Exit runNextTrigger
2023-07-12/20:48:05.905 [{}] [quartzScheduler_Worker-1] DEBUG jobs.ApplicationDataImportJob - END ApplicationDataImportJob

15 REPLIES 15

SB
Saviynt Employee
Saviynt Employee

Is this working from Postman?

In case it is, can you generate the access token from postman and then pass it as a value directly in the Import JSON to see if the job runs successfully.


Regards,
Sahil

Manoj901
New Contributor
New Contributor

Hi Sahil,

Yes it is working from postman, I am passing the generated token from postman to my connection JSON and the token is working, the token is expired after 6 min and after then the token is not re-generating, I have tried with retryFailureStatusCode and also I have use maxrefreshtrycount in my connection json, which is calling the retry code but it is not generating the accessToken.
Even I tried with refresh_token but it failed, I am attaching my connection JSON here for reference, please let me know if I missed anything here.

 

{
"authentications": {
"userAuth": {
"authType": "oauth2",
"url": "http://xxxxxx/kb-api/v1/auth/login/access_token",
"contentType":"application/x-www-form-urlencoded",
"httpParams": {
},
"httpHeaders": {
"Authentication":"Basic ODI1NjgzNjpURVNUSU5H",
"Accept":"*/*"
},
"authError": [
"InvalidAuthenticationToken",
"AuthenticationFailed",
"Authentication_MissingOrMalformed",
"Authentication_ExpiredToken"
],
"httpMethod": "POST",
"httpContentType": "multipart/form-data",
"timeOutError": "Read timed out",
"errorPath": "error.code",
"maxRefreshTryCount": 2,
"authHeaderName":"Authentication",
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"retryFailureStatusCode": [
401,403,500
],
"accessToken": "Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4MjU2ODM2IiwiaXNzIjoiS05PV2JpbGl0eSIsImlhdCI6MTY4OTM1Mjg1MCwiZXhwIjoxNjg5MzUzNDUwLCJ0eXAiOiJhY2Nlc3MifQ.nlsvvQIn5FLdawYYo2gEBcIy3KVcNGxBZOxV_Ed2-Ip6OaeGGILVwDcgnCah_TZdJPXbHLA9cdviWyenncbbig"
}
}
}

snehaadumalli
New Contributor
New Contributor

Hello,

I have gone through the similar kind of issue before with rest connection to generate the token automatically as soon as existing token expires 

Connection JSON for Rest Application:

{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"url": "Place token generation url here",
"httpMethod": "POST",
"httpParams": {
"clientId": "**********",
"clientSecretKey": "************"
},
"httpHeaders": {
"contentType": "application/json"
},
"httpContentType": "application/json",
"expiryError": "ExpiredAuthenticationToken",
"retryFailureStatusCode": [401],
"timeOutError": "Read timed out",
"errorPath": "error",
"maxRefreshTryCount": 3,
"tokenResponsePath": "token",
"tokenType": "Bearer",
"accessToken":"Bearer abcd"
}
}
}

This worked to me to generate token automatically. Have look and see if this works for you.

Sneha Adumalli

 

 

SB
Saviynt Employee
Saviynt Employee

@Manoj901 In case the above JSON does not work for you, can you share the postman export of your Generate token call and the response you get for the same call from Postman.


Regards,
Sahil

Manoj901
New Contributor
New Contributor

Hi Sahil,

Here is the postman call and its response back to generate the token.

 

Manoj901_0-1689608586092.png

 

 

Regards,

Mano

SB
Saviynt Employee
Saviynt Employee

Your tokenResponsePath value should be accessToken and you seem to have defined it differently. The same is the case for refreshTokenResponsePath. Can you update it and then validate.

"tokenResponsePath": "token",

"refreshTokenResponsePath": "refreshToken"


Regards,
Sahil

Manoj901
New Contributor
New Contributor

Hi Sahil,

I have changed the accesstoken and tokenresponsepath now, but still gettitng the same error.

{
"authentications": {
"userAuth": {
"authType": "oauth2",
"url": "http://xxxxx/:31002/kb-api/v1/auth/login/access_token",
"contentType":"application/x-www-form-urlencoded",
"httpParams": {
},
"httpHeaders": {
"Authentication":"Basic ODI1NjgzNjpURVNUSU5H",
"Accept":"*/*"
},
"authError": [
"InvalidAuthenticationToken",
"AuthenticationFailed",
"Authentication_MissingOrMalformed",
"Authentication_ExpiredToken"
],
"httpMethod": "POST",
"httpContentType": "multipart/form-data",
"timeOutError": "Read timed out",
"errorPath": "error.code",
"maxRefreshTryCount": 2,
"authHeaderName":"Authentication",
"tokenResponsePath": "accessToken",
"tokenType": "Bearer",
"retryFailureStatusCode": [
401,403,500
],
"accessToken": "Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4MjU2ODM2IiwiaXNzIjoiS05PV2JpbGl0eSIsImlhdCI6MTY4OTM1Mjg1MCwiZXhwIjoxNjg5MzUzNDUwLCJ0eXAiOiJhY2Nlc3MifQ.nlsvvQIn5FLdawYYo2gEBcIy3KVcNGxBZOxV_Ed2-Ip6OaeGGILVwDcgnCah_TZdJPXbHLA9cdviWyenncbbig"
}
}
}
=======================
{
"accountParams": {
"connection": "userAuth",
"processingType": "SequentialAndIterative",
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "http://xxxx:31002/kb-api/v1/user",
"httpHeaders": {
"Authentication" : "${accessToken}",
"Accept": "application/json"
},
"httpMethod": "GET"
},
"listField": "list",
"keyField": "accountID",
"statusConfig": {
"active": "true",
"inactive": "false"
},
"colsToPropsMap": {
"accountID": "userId~#~char",
"name": "userId~#~char",
"customproperty2":"userId~#~char"
}
}
}
},
"entitlementParams": {},
"acctEntParams": {}
}

Share postman response


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Hi Rushikesh,

Here is the postman response.

{     "tokenType""Bearer",     "accessToken""eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4MjU2ODM2IiwiaXNzIjoiS05PV2JpbGl0eSIsImlhdCI6MTY4OTY1OTMzMCwiZXhwIjoxNjg5NjU5OTMwLCJ0eXAiOiJhY2Nlc3MifQ.99rHTCK9zsFq3bf9pLz76iudWdEX4QLUYHDqwjHwcqjNohRTbPE3r-kP-2hR5lAOs3rgbVMMpwemfqsymsAuag",     "expiresIn"600000,     "refreshToken""eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4MjU2ODM2IiwiaXNzIjoiS05PV2JpbGl0eSIsImlhdCI6MTY4OTY1OTMzMCwiZXhwIjoxNjg5NzAyNTMwLCJ0eXAiOiJyZWZyZXNoIn0._SnrNTvv1as3lvvpHS-t-nV5au9vK4C6SdU4J0PEoHgbn2Op2kIOa7uCdqD6m19vdEbxjMd4AHv8adDTVx4gQg" }

=====================================

{     "userId"911500,     "info": {         "general": {             "userEffectiveDate""2009-09-27T04:00:00.000+0000",             "userExpirationDate"null,             "fullName""Roman Margulis",             "shortName""Roman Margulis",             "userLanguage""EN",             "workPosition"""         },         "work"null,         "envList"null     },     "message""SUCCESS",     "status""200" }

SB
Saviynt Employee
Saviynt Employee

In the Import JSON you need to use access_token for Authorization. I see you have defined it as accessToken which is incorrect.

"Authorization": "${access_token}"


Regards,
Sahil

Manoj901
New Contributor
New Contributor

Hi Sahil,

Even i have tried with "Authorization": "${access_token}" and I have passed "tokenResponsePath": "access_token", but it did not work for me, it is not able to generate the new token.

SB
Saviynt Employee
Saviynt Employee

In your connection JSON, your response path will be as below

"tokenResponsePath": "token",

"refreshTokenResponsePath": "refreshToken"

And in the import JSON the value for Authorization will be

"Authorization": "${access_token}"

If it still does not work, please share the latest JSON (connection/Import) you used along with the logs.


Regards,
Sahil

Manoj901
New Contributor
New Contributor

Hi Sahil,

Thanks for taking a look, I have tried the json as like you mentioned above, but for our case in the import it is "Authentication": "${access_token}  instead of  "Authorization": "${access_token}, because the application accept Authentication as a value not Authorization, I am sharing the below json which is working fine for us when I pass the newly generated token and I am able to import the accounts to saviynt.

{
"authentications": {
"userAuth": {
"authType": "oauth2",
"url": "http://xxxxx:31002/kb-api/v1/auth/login",
"contentType":"application/x-www-form-urlencoded",
"httpParams": {},
"httpHeaders": {
"Authentication":"Basic ODI1NjgzNjpURVNUSU5H",
"Accept":"*/*"
},
"authError": [
"InvalidAuthenticationToken"
],
"httpMethod": "POST",
"httpContentType": "application/x-www-form-urlencoded",
"timeOutError": "Read timed out",
"errorPath": "error.code",
"maxRefreshTryCount": 1,
"authHeaderName": "Authentication",
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"retryFailureStatusCode": [
401
],
"accessToken": "Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4MjU2ODM2IiwiaXNzIjoiS05PV2JpbGl0eSIsImlhdCI6MTY4OTY5Mjg5OSwiZXhwIjoxNjg5NjkzNDk5LCJ0eXAiOiJhY2Nlc3MifQ.bc9t8CnhZ_w7AAm8NSo9f2okQooPJuynAK1Cb2bqOox_B5WdCKhKn61iNOSmcg0zhfGVGNJThDDKFogtrGo_sw"
}
}
}
=======================
{
"accountParams": {
"connection": "userAuth",
"processingType": "SequentialAndIterative",
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "http://xxxxx:31002/kb-api/v1/user",
"httpHeaders": {
"Authentication" : "${access_token}",
"Accept": "application/json"
},
"httpMethod": "GET"
},
"listField": "list",
"keyField": "accountID",
"statusConfig": {
"active": "true",
"inactive": "false"
},
"colsToPropsMap": {
"accountID": "userId~#~char",
"name": "userId~#~char"
}
}
}
},
"entitlementParams": {},
"acctEntParams": {}
}

SB
Saviynt Employee
Saviynt Employee

The tokenResponsePath is used in Connection to let Saviynt know the path of the token value generated. 

${access_token} is the variable used in ImportJSON to fetch the access token value received from Connection JSON call. ${access_token}  will always be used as is and is not dependent on the token response path. Use attached JSON format. Share log file if it still does not work.

 


Regards,
Sahil

Manoj901
New Contributor
New Contributor

Hi Sahil,

Thanks a ton, it worked and I have not used refreshToken, only I had to change the tokenResponsePath to point to the correct path which is "accessToken" and it worked for me.

 

Regards,
Mano