This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Saviynt Forums
- Knowledge Base
- Saviynt Knowledge Base
- How to import OKTA LastLogin
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Notify a Moderator
No ratings
prashantChauhan
Saviynt Employee
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Notify a Moderator
on 07/24/2023 02:08 PM
Use Case
How to import security roles and LastLogin under the profile using REST connector.
This article contains the JSONs to be used for the Implementation of the Okta application via the REST Connector.
Pre-requisites
NA
All
Applicable Version(s)
All
Solution
Below are the JSONs to be used in the case of using the REST connector for the implementation of the Okta Application instead of the OOTB Okta connector.
=================================================================================
Connection Json
=================================================================================
{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"url": "https://xxxx.com/api/v1",
"httpMethod": "POST",
"httpParams": {
"client_id": "",
"client_secret": ""
},
"httpHeaders": {
"contentType": "application/json"
},
"httpContentType": "application/json",
"expiryError": "ExpiredAuthenticationToken",
"authError": [
"InvalidAuthenticationToken",
"AuthenticationFailed"
],
"timeOutError": "Read timed out",
"errorPath": "error.code",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "SSWS",
"accessToken": "SSWS abcd"
}
}
}
=================================================================================
ImportAccountEntJSON
=================================================================================
{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://xxxxx.com/api/v1/users?limit=100",
"httpContentType": "application/json",
"httpMethod": "GET",
"httpHeaders": {
"Authorization": "${access_token}"
}
},
"listField": "",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "id~#~char",
"name": "profile.firstName~#~char",
"customproperty2": "profile.login~#~char",
"customproperty3": "profile.email~#~char",
"customproperty1": "status~#~char"
}
}
}
},
"entitlementParams": {
"processingType": "SequentialAndIterative",
"entTypes": {
"groups": {
"entTypeOrder": 0,
"entTypeLabels": {
"customproperty1": "id"
},
"call": {
"call1": {
"connection": "acctAuth",
"callOrder": 0,
"stageNumber": 0,
"http": {
"httpHeaders": {
"Authorization": "${access_token}"
},
"url": "https://xxxxx.com/api/v1/groups",
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlementID": "id~#~char",
"entitlement_value": "id~#~char",
"customproperty1": "name~#~char"
},
"apps": {
"entTypeOrder": 1,
"entTypeLabels": {
"customproperty1": "Name",
"customproperty2": "Status"
},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://xxxxx.com/api/v1/apps",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlementID": "id~#~char",
"entitlement_value": "id~#~char",
"customproperty1": "name~#~char",
"customproperty2": "status~#~char"
}
}
}
}
}
}
}
}
},
"acctEntParams": {
"connection": "acctAuth",
"entTypes": {
"apps": {
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"processingType": "httpEntToAcct",
"http": {
"httpHeaders": {
"Authorization": "${access_token}"
},
"url": "https://xxxxxx.com/api/v1/apps/${id}/users.json",
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "",
"entKeyField": "entitlementID",
"acctIdPath": "id~#~char",
"acctKeyField": "accountID",
"customproperty4": "label~#~char",
"groups": {
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"processingType": "httpEntToAcct",
"http": {
"httpHeaders": {
"Authorization": "${access_token}"
},
"url": "https://xxxxxx.com/api/v1/groups/${id}/users.json",
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "",
"entKeyField": "entitlementID",
"acctIdPath": "id~#~char",
"acctKeyField": "accountID",
"customproperty5": "label~#~char"
}
}
}
}
}
}
}
}
}
===================================================================================================
Create Account Json
===================================================================================================
{
"accountIdPath": "call1.message.id",
"call": [
{
"name": "call1",
"connection": "acctAuth",
"url": "https://xxxxx.com/api/v1/users?activate=true",
"httpMethod": "POST",
"httpParams": "{ \"profile\": { \"firstName\": \"${user.firstname}\", \"lastName\": \"${user.lastname}\", \"email\": \"${user.email}\", \"login\": \"${user.email}\" }}",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json"
}
]
}
=====================================================================================================
Add Access Json
=====================================================================================================
{
"call": [
{
"name": "Group",
"connection": "acctAuth",
"url": "https://xxxxx.com/api/v1/groups/${entitlementValue.entitlementID}/users/${account.accountID}",
"httpMethod": "PUT",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200
],
"status": "ACTIVE"
}
},
{
"name": "Application",
"connection": "acctAuth",
"url": "https://xxxxx.com/api/v1/apps/${entitlementValue.entitlementID}/users",
"httpMethod": "POST",
"httpParams": " {\"id\": \"${account.accountID}\",\"scope\": \"USER\",\"credentials\": {\"userName\": \"${account.name}\"}}",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200
],
"status": "ACTIVE"
}
}
]
}
===================================================================================================================================
Reamove Access json
===================================================================================================================================
{
"call": [
{
"name": "Group",
"connection": "acctAuth",
"url": "https://xxxxx.com/api/v1/groups/${entitlementValue.entitlementID}/users/${account.accountID}",
"httpMethod": "DELETE",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json"
},
{
"name": "Application",
"connection": "acctAuth",
"url": "https://xxxxx.com/api/v1/apps/${entitlementValue.entitlementID}/users/${account.accountID}",
"httpMethod": "DELETE",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json"
}
]
}
====================================================================================================================================
Enable Account
====================================================================================================================================
{
"call": [
{
"name": "call1",
"connection": "acctAuth",
"url": "https://xxxxx.com/api/v1/users/${account.accountID}/lifecycle/unsuspend",
"httpMethod": "POST",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json"
}
]
}
===================================================================================================================================
Disable Account
===================================================================================================================================
{
"call": [
{
"name": "call1",
"connection": "acctAuth",
"url": "https://xxxxx.com/api/v1/users/${account.accountID}/lifecycle/suspend",
"httpMethod": "POST",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json"
}
]
}
====================================================================================================================================
APP ACCOUNT JSON For another REST Connection - New REST Connection Need to be created for APP Account Prov and DeProv
====================================================================================================================================
CreateAccountJSON===========
====================================================================================================================================
{
"accountIdPath": "call1.message.id",
"dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
"responseColsToPropsMap": {
"name": "call1.message.userName~#~char",
"displayName": "call1.message.userName~#~char"
},
"call": [
{
"name": "call1",
"connection": "acctAuth",
"url": "https://xxxxx.com/api/v1/apps/${arsTasks.endpoint.customproperty1}/users",
"httpMethod": "POST",
"httpParams": "{\"credentials\" : {\"userName\": \"${user.username}\"},\"id\": \"${user.customproperty1}\", \"scope\": \"USER\", \"profile\": {\"role\":\"user\"}}",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json"
}
]
}
========================================================================================================================
RemoveAccountJSON============
========================================================================================================================
{
"call": [
{
"name": "call1",
"connection": "acctAuth",
"url": "https://xxxxx.com/api/v1/apps/${endpoints.customproperty1}/users/${user.customproperty1}",
"httpMethod": "GET",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json"
},
{
"name": "call2",
"connection": "acctAuth",
"url": "${response.call1.message.scope.toString()?.equals('GROUP')? response.call1.message._links.group.href+'/users/'+user.customproperty1 :response.call1.message._links.app.href+'/users/'+user.customproperty1}",
"httpMethod": "DELETE",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"successResponses":
{
"statusCode": [204]
}
}
]
}
Labels:
