Saviynt Forums

Hi @pmahalle 

Thanks for your reply. We are testing this out with the ROLE_ADMIN SAV role itself but its not working.

Thanks
Manohar

Hi @Manohar_122 

Then check if role which you are trying to request is requestable or not and requestor you are using in your request payload have appropriate sav role with request permissions.

Hi @pmahalle 

Yes the role is requestable and requestor we are using in our request in payload also has the ROLE_ADMIN Sav role.

Regards,
Manohar

regenerate the token and validate.

• Please share postman screenshot and curl command [Refer https://codingnconcepts.com/postman/how-to-generate-curl-command-from-postman/ ]
  
  
  
  ⚠️‼️‼️Do not upload any attachments that contain sensitive information, such as IP Addresses, URLs, Company/Employee Names, Email Addresses, etc.‼️‼️⚠️

Hi @rushikeshvartak 

I did try to regenerate token and use it many times but its the same.
Here are the postman screenshot and curl command

curl command
curl --location 'https://{{URL}}/ECM/api/v5/createrequest' \
--header 'SAVUSERNAME: admin' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINHNJQUFBQUFBQUFBSlZTdjA4VVFSajk5anlDOFJJRUUwMHNvQkU2c3hlNXlsd0RuS2ZCckFmaHVBWVR6ZHp1eHpvd083UE96TUpkUTY3Q2dnS2lrSkR3TFwvQ2ZRR05qWjdTd3BiYjFtK1hIbmpiRXFYYVwvZWZ2ZTk5N2Iwd3NZTVJwcXNXWmNHRDhWV2N5dBS0lBS3krd0hSYW9jallYN2w4dG1sb3RxRzIwOWdMc3BNNGEyKzhkSjI3clYzYjFiVTVLRGo3QUQ1VjdxMGFIc1poelVkengrUXdsQnJybVNacm9qRXhYeGRlN0VpWDh3K2Zuclwvc21nVXdLZ1RKN2VcL2sweGY3d0FnN04zdjZmeW9MM1F3cU9oMVF0WXZaZlNOaE1GODZwR3BcL3o5ZVBuTDBjV250M2RJMlNGZVwvbjhmMFwvTlh5ZlViS2ttWlpsWU5kVVMwMjJYM1RPUUx0NU5mdDlEMzJ6eEpCZElmSlMxR054SUZNZGt0YXlXdTg3WndiMlVwYUw2ZmZcL0Ztc2VWZUs2dFVaSE94OFd6MmVZMjB4M0xycmpNXC9VTlRZM3ErRDhcLzBuUDRqbk5ZeHNNWkVoSlQ5ZWdGcFowa1c5ZTNvMFdUbjh1WmY3eUtYSHZ0WCtBRUhwdkNrWEF3QUEiLCJzdWIiOiJUZXN0RUlDMTI5MyIsImV4cCI6MTcyMzAzNzA2MiwiaWF0IjoxNzIzMDMzNDYyLCJyb2xlcyI6WyJST0xFX0FETUlOIl19.8EySpFxQdgtUU_xE1kbkwUCGJDhfu-7oyuxUW4RB7rc' \
--header 'Cookie: CCSRF-TOKEN=4f5ce623-6187-4b75-bf29-488656af9df5; INGRESSCOOKIE=1722922138.611.188.73287|0f4091fceac04271d9e9e5a60a3d3e8f; MS_REDIRECT_URL=https%3A%2F%2F{{URL}}%2FECM%2Fapiv5%2Fcreaterequest; access_token=eyJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINHNJQUFBQUFBQUFBSlZTdjA4VVFSajk5anlDOFJJRUUwMHNvQkU2c3hlNXlsd0RuS2ZCckFmaHVBWVR6ZHp1eHpvd083UE96TUpkUTY3Q2dnS2lrSkR3TFwvQ2ZRR05qWjdTd3BiYjFtK1hIbmpiRXFYYVwvZWZ2ZTk5N2Iwd3NZTVJwcXNXWmNHZFJzcTdBS0lBS3krd0hSYW9jallYN2w4dG1sb3RxRzIwOWdMc3BNNGEyKzhkSjI3clYzYjFiVTVLRGo3QUQ1VjdxMGFIc1poelVkengrUXdsQnJybVNacm9qRXhYeGRlN0VpWDh3K2Zuclwvc21nVXdLZ1RKN2VcL2sweGY3d0FnN04zdjZmeW9MM1F3cU9oMVF0WXZaZlNOaE1GODZwR3BcL3o5ZVBuTDBjV250M2RJMlNGZVwvbjhmMFwvTlh5ZlViS2ttWlpsWU5kVVMwMjJYM1RPUUx0NU5mdDlEMzJ6eEpCZElmSlMxR054SUZNZGt0YXlXdTg3WndiMlVwYUw2ZmZcL0Ztc2VWZUs2dFVaSE94OFd6MmVZMjB4M0xycmpNXC9VTlRZM3ErRDhcLzBuUDRqbk5ZeHNNWkVoSlQ5ZWdGcFowa1c5ZTNvMFdUbjh1WmY3eUtYSHZ0WCtBRUhwdkNrWEF3QUEiLCJpc3MiOiJzc20tZGV2LXBtaS5zYXZpeW50Y2xvdWQuY29tIiwic3ViIjoiVGVzdEVJQzEyOTMiLCJleHAiOjE3MjI5MzMyNzUsImlhdCI6MTcyMjkyOTY3NSwicm9sZXMiOlsiUk9MRV9BRE1JTiJdfQ.FeZ3Pb4L9tuf5gi9tFqHmigVGTGe0r9lXqDJedOEiqE; token_type=Bearer; user_name=TestEIC1293' \
--data '{
"accesstype":"ROLES",
"username":"1000676802",
"roletype":"ENTERPRISE",
"requesttype":1,
"roles":[
{
"rolename" : "TEST VIVA ROLE 3",
"startdate" : "08-06-2024",
"enddate" : "10-06-2024",
"businessJustification" : "testjustification"
} ],
"requestcomments":"commemnt",
"requestor":"1000676802"
}'

Regards
Manohar

@Manohar_122 Hope you are passing the username of requestor in payload

"requestor":"1000676802"

Hi @SumathiSomala 

Yes we are passing the username of requestor in payload

Regards,
Manohar

Try with user having sav role as role_admin

@rushikeshvartak We are using the role_admin sav role itself.

Its working for me in v24.7 & 24.4 

validate your subversion

Its not working for me on v24.4

Whats your subversion

This is working when i disable the OAuth and not working when its enabled

• When generate token are you using refresh token or normal token ?

I am using normal access token

Then ouath can be kept as untick

What should i use if i need to keep the ouath as enabled and not disabled? because i want the ouath as enabled and also other api request like getuser and addrole api are working fine when the ouath is enabled and using the access token

Use refresh token api from postman package

No Its giving 401 error if i try to use the the refresh token with the oauth enabled

Use token from UI under web service auth

Its not working even when using the token from UI under web service auth

Share curl

Please share postman screenshot and curl command [Refer https://codingnconcepts.com/postman/how-to-generate-curl-command-from-postman/ ]



⚠️‼️‼️Do not upload any attachments that contain sensitive information, such as IP Addresses, URLs, Company/Employee Names, Email Addresses, etc.‼️‼️⚠️

Curl command response

curl --location 'https://{URL}/ECM/api/v5/createrequest' \
--header 'SAVUSERNAME: admin' \
--header 'Content-Type: application/json' \
--header 'grant_type: refresh_token' \
--header 'refresh_token: yJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINHNJQUFBQUFBQUFBSlZTUDA4VVFSUlwvZXh5QlNJSkFJZ2tGTm1KbjlrNUkwT1FhQWRGQTFqdkRlUTBtbXJuZHh6SXdPN1BNek1KZFE2NlNnZ0tEa3BqNEZlajlFTnI0QVlnV3R0UzJ2bG4rN0dsRG5HcjN6VzlcL1wvZldvVGUxemVcLzcrWkZlNkdGeVQ3ckJheldTY25OZU1IOFNxTlRQdnYwOHNQSitjSHJBVkoyaUdmXC92NCtaaGN2bXVrc3FTWmxtVnZYdGlHajN5dTZaeUJkdkpyXC9hUXRkdjhpUVZTSCtVdEJoZFN4VEVGTGVzbGJqcTI4S3R0VWF3XC9IYmg2WXVWZXY3NnNGcXR6aithZjF5ZEplblJQTGxibVI4b1d0amhyXC9mZmp1NzlJSnBWR054bElrTXFmcXdBMWJPa2pmcmQ2Y24weU1lZmgzbU1YSG4wUytNUHdrXC9cL2FCWURBQUE9Iiwic3ViIjoiMTAwMDY3NjgwMiIsImlhdCI6MTcyMzQ3MDY5NSwicm9sZXMiOlsiUk9MRV9BRE1JTiJdfQ.YRNiVd2lTWStvCd3lysQnocIxDUmwD2gn5PZcPYeJJI' \
--header 'Cookie: JSESSIONID=DB50441F075DED033F5E7A09FC1FC4AB; CCSRF-TOKEN=fef76784-09d5-4972-ad49-e4a3dd609c5a; INGRESSCOOKIE=1723442602.786.187.63802|0f4091fceac04271d9e9e5a60a3d3e8f; MS_REDIRECT_URL=https%3A%2F%2F{URL}%2FECM%2Foauth%2Ftoken; access_token=eyJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINHNJQUFBQUFBQUFBSlZTdjA4VVFSajk5anlDOFJJRUUwMHNvQkU2c3hlNXlsd0RuS2ZCckFmaHVBWVR6ZHp1eHpvd083UE96TUpkUTY3Q2dnS2lrSkR3TFwvQ2ZRR05qWjdTd3BiYjFtK1hIbmpiRXFYNZGt0YXlXdTg3WndiMlVwYUw2ZmZcL0Ztc2VWZUs2dFVaSE94OFd6MmVZMjB4M0xycmpNXC9VTlRZM3ErRDhcLzBuUDRqbk5ZeHNNWkVoSlQ5ZWdGcFowa1c5ZTNvMFdUbjh1WmY3eUtYSHZ0WCtBRUhwdkNrWEF3QUEiLCJpc3MiOiJzc20tZGV2LXBtaS5zYXZpeW50Y2xvdWQuY29tIiwic3ViIjoiVGVzdEVJQzEyOTMiLCJleHAiOjE3MjM0NzIxMzcsImlhdCI6MTcyMzQ2ODUzNywicm9sZXMiOlsiUk9MRV9BRE1JTiJdfQ.V6akbLC58t_17anhRfp5knTXwPDmcsffqR249F-4Pgk; token_type=Bearer; user_name=TestEIC1293' \
--data '{
"accesstype":"ROLES",
"username":"TestEIC1293",
"roletype":"ENTERPRISE",
"requesttype":1,
"roles":[
{
"rolename" : "Test_Role_deleted",
"startdate" : "08-12-2024",
"enddate" : "10-06-2024",
"businessJustification" : "testjustification"
} ],
"requestcomments":"commemnt",
"requestor":"TestEIC1293"
}'

Validated in v24.4 and v24.7 with oauth 2 tick i am able to create request using API