Click HERE to see how Saviynt Intelligence is transforming the industry. |
06/25/2024 10:25 AM
Hello,
We're trying to use the following JSON for creating AzureAD groups via Saviynt:
{
"connection": "${connectionName}",
"url": "https://graph.microsoft.com/v1.0/groups",
"httpMethod": "Post",
"httpParams": "{\"description\": \"${roles.description==null || roles.description==''? roles.displayname : roles.description}\", \"displayName\": \"${roles.displayname==null || roles.displayname==''? roles.role_name : roles.displayname}\", \"groupTypes\": [\"${roles.customproperty21=='Office365'? 'Unified' : ''}\"], \"mailEnabled\": \"${roles.customproperty22 == '1' ? true : false}\", \"mailNickname\": \"${roles.displayname==null || roles.displayname==''? roles.role_name : roles.displayname}\", \"securityEnabled\": \"${roles.customproperty23 == '1' ? true : false}\",\"owners@odata.bind\": [\"${allOwner}\"]}",
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json"
}
We created the admin role with the required features - Configuring the Integration for Managing Azure AD Groups (saviyntcloud.com) and we have the workflow assigned to the entitlement type - https://docs.saviyntcloud.com/bundle/EIC-Admin-v23x/page/Content/Chapter07-General-Administrator/Con...
When we try to create the group via Savyint, the task is created; however, nothing happens when we run the provisioning job. In the logs all that we see is "ecm-services.UsersService-http-nio-8080-exec-183-rz68v-ERROR-NumberFormatException occured while auditing for roles: For input string: "sendforapproval" followed by "ecm-worker-azure.AzureADProvisioningService-quartzScheduler_Worker-1-2gwjh-ERROR-Error in createUpdateDeleteGroupAzureAD group - Test_Group removing tasks from the list"
Please let me know what the cause could be and if there might be a fix!
Solved! Go to Solution.
06/25/2024 08:20 PM
{
"connection": "userAuth",
"url": "https://graph.microsoft.com/v1.0/groups",
"httpMethod": "POST",
"httpParams": "{\"description\": \"${roles.description}\", \"displayName\": \"${roles.displayname}\", \"groupTypes\": [\"${(roles.customproperty21=='Office365') ? 'Unified' : ''}\"], \"mailEnabled\": \"${roles.customproperty22 == '1' ? true : false}\", \"mailNickname\": \"${roles.displayname==null || roles.displayname==''? roles.role_name : roles.displayname}\", \"securityEnabled\": \"${roles.customproperty23 == '1' ? true : false}\",\"owners@odata.bind\": [\"${allOwner}\"]}",
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json"
}
Use Above JSON
07/02/2024 05:16 AM
Sorry for the delayed response, I will test the JSON from your last reply and I'll let you know if it worked.
07/03/2024 07:12 AM
Hi @rushikeshvartak Tried the JSON you provided, but the error "NumberFormatException occured while auditing for roles: For input string: "sendforapproval"" is still happening.
Could this be caused by setting up AutoApprovalWF for the AAD group creation "Add access" workflow?
07/03/2024 08:46 PM
Did you attached workflow to entitlement type - add access workflow ?
07/04/2024 05:48 AM
Yes, it was part of the configuration guide from the Saviynt docs. - https://docs.saviyntcloud.com/bundle/AzureAD-v23x/page/Content/Configuring-the-Integration-for-Manag....
07/04/2024 07:31 AM
Dont use product default AOB workflow it does not work. Create simple auto approve workflow and try