and more in a single search tool across platforms. Read the announcement here. |
01/16/2024 04:07 PM - edited 01/16/2024 04:09 PM
Hi -
I have an issue using a REST connection to Staffbase. Their app supports basic auth but uses a static token with no refresh. Given this requirement, I configured ConnectionJSON in the REST connector like the following:
{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"httpHeaders": {
"contentType": "application/json"
},
"expiryError": "ExpiredAuthenticationToken",
"authError": [
"401",
"AuthenticationFailed",
"InvalidAuthenticationToken",
"FAILURE",
"INVALID_SESSION_ID"
],
"url": "https://REMOVED.staffbase.com/api/users",
"httpMethod": "POST",
"httpContentType": "application/json",
"errorPath": "statusCode",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Basic",
"authHeaderName": "Authorization",
"accessToken": "Basic REMOVED",
"httpParams": {},
"retryFailureStatusCode": [401,null]
}
}
}
This config works perfectly except that when I run any job that has a high volume of activity, it will eventually start failing to pull back records with a 401 unauthorized error.
pullObjectsByRest - responseStatusCode ::401
I will also get similar errors when running the WSRETRY job, but only after several hundred account tasks have completed. Then they will all start failing with the following output:
{"call1":{"headers":null,"message":"","statusCode":null,"description":null,"status":"Failed"}}
The developer insists there is no refresh mechanism in play, but the error seems to be coming from their API endpoint. Could this be an issue with my config?
I have tried various authentication types including Basic and BasicWithAccessToken using dummy values for username and password. However, the outcome is still the same and the error will return eventually.
Here is the developer authentication info:
API Authentication | Staffbase Developer Portal
01/16/2024 07:56 PM
Add successResponse in json
01/17/2024 02:25 PM - edited 03/13/2024 02:54 PM
@rushikeshvartak Will successResponse have an impact if their API is returning 401/null response? I thought about this but did not test it as it seems unclear that would be related.
I do have more to report.
If I hardcode the token into the httpHeaders parameters instead, the issue appears to go away. However, I must also keep the same token in the accessToken parameter, or the connection will fail. Does this make sense? I just do not understand the mechanism that would result in that making a difference. I thought that 'authHeaderName' and 'accessToken' accomplished the same result of placing a static token into the httpHeaders of the actual REST call when Saviynt runs the code.
"httpHeaders": {
"contentType": "application/json",
"Authorization": "Basic TOKEN-REMOVED"
},
Here is the workaround code that works without any 401/null errors:
{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"httpHeaders": {
"contentType": "application/json",
"Authorization": "Basic TOKEN-REMOVED"
},
"expiryError": "ExpiredAuthenticationToken",
"authError": [
"401",
"AuthenticationFailed",
"InvalidAuthenticationToken",
"FAILURE",
"INVALID_SESSION_ID"
],
"url": "https://REMOVED/api/users",
"httpMethod": "POST",
"httpContentType": "application/json",
"errorPath": "statusCode",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Basic",
"authHeaderName": "Authorization",
"accessToken": "Basic TOKEN-REMOVED",
"httpParams": {},
"retryFailureStatusCode": [401,null]
}
}
}