Disclaimer - This is an AI generated response and feedback on this thread will be used to fine tune.
Integrating Veracode with Saviynt and using BasicWithHmac for authentication should indeed be supported. Let's address the issue you're facing by revising the connection JSON based on the provided details and ensuring all necessary fields are included as per Saviynt's requirements.
Considering the Postman response, you've provided information that we can use to construct a Saviynt connection JSON. Based on the screenshots and your example JSON for Connection and ImportAccount, here is an example of what the Connection JSON with BasicWithHmac authentication might look like for Saviynt:
{
"authentications": {
"acctAuth": {
"authType": "BasicWithHmac",
"url": "https://api.veracode.com/api/authn/v2/users",
"httpMethod": "GET",
"properties": {
"AccessKeyID": "YOUR_ACCESS_KEY_ID",
"SecretKey": "YOUR_SECRET_KEY"
},
"authError": [
"InvalidAuthenticationToken",
"AuthenticationFailed",
"Authentication_MissingOrMalformed",
"Authentication_ExpiredToken"
],
"errorPath": "message",
"maxRefreshTryCount": 3,
"tokenResponsePath": "token",
"tokenType": "Hmac",
"accessToken": "GENERATED_HMAC_TOKEN",
"expiryError": ["TokenExpired"],
"timeOutError": ["ConnectionTimeout"],
"retryFailureStatusCode": [429, 500, 503]
}
}
}
Here’s how the Importaccount JSON can be structured, including the error handling parameters:
{
"globalSettings": {
"dateFormat": "yyyy-MM-dd'T'HH:mm:ss"
},
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://api.veracode.com/api/authn/v2/users/?page=0&size=200",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "_embedded.users",
"keyField": "user_id",
"statusConfig": {
"active": "login_enabled",
"inactive": "not(login_enabled)"
},
"colsToPropsMap": {
"accountID": "user_id~#~char",
"name": "user_name~#~char",
"displayName": "#CONST#${first_name} ${last_name}~#~char",
"customproperty1": "first_name~#~char",
"customproperty2": "last_name~#~char",
"customproperty3": "email_address~#~char"
},
"expiryError": ["TokenExpired"],
"authError": ["InvalidAuthenticationToken", "AuthenticationFailed"],
"timeOutError": ["ConnectionTimeout"],
"retryFailureStatusCode": [429, 500, 503],
"errorPath": "message",
"maxRefreshTryCount": 3
}
}
},
"entitlementParams": {},
"acctEntParams": {}
}
In the JSON:
- "authType": "BasicWithHmac" is used because it's specified for Veracode.
- "properties" includes the AccessKeyID and SecretKey which you would have received from Veracode.
- "accessToken": "GENERATED_HMAC_TOKEN" is a placeholder where you should place the HMAC token you generated, following the Veracode authentication requirements.
- Error handling scenarios are incorporated with fields like expiryError, authError, retryFailureStatusCode, timeOutError, errorPath, and maxRefreshTryCount.
Please replace "YOUR_ACCESS_KEY_ID", "YOUR_SECRET_KEY", and "GENERATED_HMAC_TOKEN" with your actual credentials and generated token. The ${access_token} is a variable that Saviynt would replace with the actual access token when making the API call.
Make sure to test these JSON configurations in a development environment before applying them in production. Adjust the properties, url, and any other parameters as needed to match your actual setup.
If you encounter further issues, you might need to dive into the details of the error messages you receive and check if there are additional configuration settings required by Veracode that need to be incorporated into your Saviynt configuration.
