Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Reconciliation failure for an application

Akankshahanda
New Contributor III
New Contributor III

‎03/28/2024 02:43 AM

Hi All,

We have an application which is integrated using REST API. We observed that the reconciliation job for the application started failing with the below error one day all of sudden.

DEBUG rest.RestProvisioningService  - Access token expired. throwing null / [InvalidAuthenticationToken, AuthenticationFailed, FAILURE, 401, 403, 500, 500 Internal Server Error] exception for retry
2024-01-02 11:30:05,663 [quartzScheduler_Worker-24] ERROR rest.RestProvisioningService  - Exception in pullObjectsByRest :Ambiguous method overloading for method java.lang.Exception#<init>.

However, it was working for months before it started failing and we had made no changes in the configurations.

Then after a month it started working on its own, and starting March its failing again, without any changes to the configs with the same error as above.

Please let me know if someone has ever come across something familiar and how to fix this.

Regards,

Akanksha Handa

Labels:
0 Kudos
5 REPLIES 5

CR
Regular Contributor III
Regular Contributor III

‎03/28/2024 03:07 AM

Looks like authentic error ,  Token expired or check in postman once


Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.
0 Kudos

rushikeshvartak
All-Star
All-Star

‎03/28/2024 05:36 AM

It seems application is using refresh token instead of access token which expires after some months


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

Akankshahanda
New Contributor III
New Contributor III
In response to rushikeshvartak

‎03/29/2024 03:10 AM

Hello,

Could you please tell if there is a way to make sure of this from Saviynt logs, to be able to convey to the application team?

Also, what would be the recommended solution to fix the issue?

Regards,

Akanksha handa

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to Akankshahanda

‎03/29/2024 10:10 AM

Enable showlogs :true in config json in connection 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

Falcon
Saviynt Employee
Saviynt Employee

‎03/29/2024 11:45 AM

Disclaimer - This is an AI generated response and feedback will be used to fine-tune 

Based on the description of the error you're encountering, it seems the issue primarily revolves around the expiration and renewal of access tokens used for authentication with your application's REST API. Given the intermittent nature of the issue, a likely cause is the token refresh mechanism not functioning as expected, or the application not handling expired tokens correctly, causing failed attempts at data reconciliation.

To address these issues, it's important to implement a robust mechanism for managing authentication tokens, including their renewal before expiration and handling errors related to token expiration effectively. Below is an example JSON configuration for a REST connection that includes fields for error handling and token management, adapted from the REST Connector Guide. This configuration outlines how to specify error handling for expired tokens and the retry mechanism, ensuring the connector attempts to refresh the token or reauthenticate as needed.

{
  "ConnectionName": "YourApplicationConnection",
  "ConnectionDescription": "Connection for Application XYZ",
  "ConnectionType": "REST",
  "authtype": "OAuth",
  "authError": [
    "InvalidAuthenticationToken",
    "AuthenticationFailed",
    "Access token expired"
  ],
  "errorPath": "error_description",
  "retryFailureStatusCode": [401, 403],
  "maxRefreshTryCount": 3,
  "ConnectionJSON": {
    "authentications": {
      "authType": "OAuth",
      "tokenURL": "https://yourapplication.com/oauth/token",
      "clientId": "YourClientId",
      "clientSecret": "YourClientSecret",
      "scope": "requiredScope",
      "grantType": "refresh_token",
      "refreshToken": "YourRefreshToken",
      "accessTokenPath": "access_token",
      "expiryPath": "expires_in",
      "tokenType": "Bearer",
      "httpMethod": "POST"
    }
  }
}

Key Components:

  • authError: Lists the possible error messages or codes returned by the API that indicate an authentication or token issue. When the connector encounters these errors, it knows to attempt a re-authentication or token refresh.
  • errorPath: Specifies the JSON path in the API response where the connector can find error messages or codes. This path helps the connector identify whether an encountered error is related to authentication.
  • retryFailureStatusCode: Includes HTTP status codes that should trigger a retry, typically because they indicate a token or authentication issue.
  • maxRefreshTryCount: Defines how many times the connector should attempt to refresh the token or reauthenticate after encountering an authentication error before giving up.
  • ConnectionJSON: This section should be tailored to the specifics of your application's authentication mechanism. For OAuth, it includes token endpoint information, client credentials, and paths for retrieving the access token and its expiration time from the authentication response.

Ensure your application's backend or the REST API itself robustly handles token expiration scenarios, such as attempting to refresh the token before it expires and providing clear error responses when the token is invalid or expired. Properly implementing such mechanisms can prevent issues like the one you've described and ensure more reliable connectivity and data processing.

0 Kudos
Copyright © 2024 Khoros, LLC