Click HERE to see how Saviynt Intelligence is transforming the industry. |
11/17/2022 12:39 PM
Team,
In our use case we need to integrate applications to pull the password from Saviynt for that we are using Saviynt REST API method to achieve this. As part of this process Application team has to follow / make below three calls
In this process service account owner/pre-authorized users has to do step#1 and step#2 and share the long lasting token to app team so that they configure their application to use that token and make an API call to check out(step#3) the password of service account.
Now the issue is to authenticate to Saviynt using REST API service account owner/ pre-authorized users need to set their API Password. But we don't see this option is getting visible to respective users even though we assigned required feature to respective Users Sav Role
We tried to provide feature: Reset_API_Password which has all required URLs but we still don't see any link or tile appeared on home screen.
We have another on-prem environment(v2020) where we have similar setup and there it looks like below
And below is the feature that is giving above view
Respective URLs of that feature
Also to show this tile we were suggested to make changes in UI-Track Microservices and below are the changes done to achieve this
Now being in SaaS Environment we not sure whether such changes are applied or not. If that is not supported in SaaS Environment/new versions then how do we achieve this so that we can let Service Account Owners/Pre-Authorized Users to set their API password so that they can authenticate themselves using API calls?
11/18/2022 06:38 PM
Enable tile on ars from create home options
11/21/2022 06:22 AM
That option is not available in create home options.
As mentioned this is customization we did on on-prem environment which we are not sure if it is supported is SaaS version, If not what are the alternate options
11/21/2022 09:46 AM
options are still available on ARS
11/21/2022 09:51 AM
Those are to change Service Account and User owned account password. But the option I am looking for is to set the User Saviynt Password which will be used for REST authentication
02/10/2023 02:14 PM
@Saathvik Below is how you can enable change password option so that users can set local password in Saviynt.
We have also identified the changes to be done in the AAPM article in our docs portal and that should soon be published.
If SSO is enabled, ensure that the Enable Change Password option is enabled for a specific SAV role (ROLE_SAV_AAPM) so that users who wants to generate a long-lasting token can set their local password in Saviynt.
For users to setup a local Saviynt password, perform the following:
Enable the Enable Change Password option.
Navigate to Applications > Admin > Global Configuration > Preferences.
Select the Enable Change Password option under the Profile Menu section.
Add the below configuration change in the SAV role (ROLE_SAV_AAPM) created:
Navigate to Applications > Admin > Sav Roles.
On the SAV Role List page, click the specific SAV role (ROLE_SAV_AAPM).
Go to the Create Request Home Option tab and select the Change Password option.
Create a local Saviynt password.
On the EIC welcome page, go to user profile and click the Change Password option.
On the Change Password page, update the new password and click Submit.
The password is successfully updated.
02/13/2023 07:30 AM
@NageshK : Thanks for the response, Couple of questions
Also we tried these suggestions as per the response given to our ticket #1561728 but we still see it didn't work as expected only changes to instructions are
02/13/2023 08:51 AM
@Saathvik responses below:
1. Sav Role can be anything. The name was given as an example. You can use your custom sav role as well
2. Yes, under Change Password, you have to select "REST Saviynt Password" option
3. No, you do not need to and should not modify that field. That will be a security concern
4. I just tried this internally and it seems like we may have to do the change password step twice for this to work. Can you try perforing change password one more time and verify?
02/13/2023 09:54 AM
@NageshK : It worked but I had to do multiple attempts of change password. On 4th or 5th attempt it worked. Looks like something not correct/consistent. Is there any issue? Why I had to do multiple attempts?