Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Unable to create AzureAD (Entra) groups via Saviynt

AdrianMarchis
New Contributor III
New Contributor III

Hello,

 

We're trying to use the following JSON for creating AzureAD groups via Saviynt:

 

 

{
    "connection": "${connectionName}",
    "url": "https://graph.microsoft.com/v1.0/groups",
    "httpMethod": "Post",
    "httpParams": "{\"description\": \"${roles.description==null || roles.description==''? roles.displayname : roles.description}\", \"displayName\": \"${roles.displayname==null || roles.displayname==''? roles.role_name : roles.displayname}\", \"groupTypes\": [\"${roles.customproperty21=='Office365'? 'Unified' : ''}\"], \"mailEnabled\": \"${roles.customproperty22 == '1' ? true : false}\", \"mailNickname\": \"${roles.displayname==null || roles.displayname==''? roles.role_name : roles.displayname}\", \"securityEnabled\": \"${roles.customproperty23 == '1' ? true : false}\",\"owners@odata.bind\": [\"${allOwner}\"]}",
    "httpHeaders": {
        "Authorization": "${access_token}",
        "Content-Type": "application/json"
    },
    "httpContentType": "application/json"
}

 

 

We created the admin role with the required features - Configuring the Integration for Managing Azure AD Groups (saviyntcloud.com) and we have the workflow assigned to the entitlement type - https://docs.saviyntcloud.com/bundle/EIC-Admin-v23x/page/Content/Chapter07-General-Administrator/Con...

When we try to create the group via Savyint, the task is created; however, nothing happens when we run the provisioning job. In the logs all that we see is "ecm-services.UsersService-http-nio-8080-exec-183-rz68v-ERROR-NumberFormatException occured while auditing for roles: For input string: "sendforapproval" followed by "ecm-worker-azure.AzureADProvisioningService-quartzScheduler_Worker-1-2gwjh-ERROR-Error in createUpdateDeleteGroupAzureAD group - Test_Group removing tasks from the list"

 

Please let me know what the cause could be and if there might be a fix!

6 REPLIES 6

rushikeshvartak
All-Star
All-Star
{
  "connection": "userAuth",
  "url": "https://graph.microsoft.com/v1.0/groups",
  "httpMethod": "POST",
  "httpParams": "{\"description\": \"${roles.description}\", \"displayName\": \"${roles.displayname}\", \"groupTypes\": [\"${(roles.customproperty21=='Office365') ? 'Unified' : ''}\"], \"mailEnabled\": \"${roles.customproperty22 == '1' ? true : false}\", \"mailNickname\": \"${roles.displayname==null || roles.displayname==''? roles.role_name : roles.displayname}\", \"securityEnabled\": \"${roles.customproperty23 == '1' ? true : false}\",\"owners@odata.bind\": [\"${allOwner}\"]}",
  "httpHeaders": {
    "Authorization": "${access_token}",
    "Content-Type": "application/json"
  },
  "httpContentType": "application/json"
}

 

Use Above JSON


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

AdrianMarchis
New Contributor III
New Contributor III

Sorry for the delayed response, I will test the JSON from your last reply and I'll let you know if it worked.

AdrianMarchis
New Contributor III
New Contributor III

Hi @rushikeshvartak Tried the JSON you provided, but the error "NumberFormatException occured while auditing for roles: For input string: "sendforapproval"" is still happening.

Could this be caused by setting up AutoApprovalWF for the AAD group creation "Add access" workflow?

Did you attached workflow to entitlement type - add access workflow ?


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

AdrianMarchis
New Contributor III
New Contributor III

Screenshot 2024-07-04 154403.png

Yes, it was part of the configuration guide from the Saviynt docs. - https://docs.saviyntcloud.com/bundle/AzureAD-v23x/page/Content/Configuring-the-Integration-for-Manag....

Dont use product default AOB workflow it does not work. Create simple auto approve workflow and try


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.