Account creation failed in WebService application and throwing below error. I am suspecting few attribute is missing in Provisioning plan due to that its failing. Please suggest the possible root cause based on below error-
Exception occurred while performing ‘Create’ operation on identity ‘A3045679’: { “message”: “Failed to save the user.” }
[Please insert images here, otherwise delete this section]
Please share any other relevant files that may be required (for example, logs).
[Please insert files here, otherwise delete this section]
Share all details about your problem, including any error messages you may have received.
[Replace this text with the problem that you are facing]
Based on the error you shared — {"message":"Failed to save the user."} — IIQ is most likely just surfacing the target application’s API response, and the real failure is happening on the endpoint side.
My first step would be to validate the Create Account operation end to end:
Confirm the Create Account provisioning policy contains every field the target API requires. In IIQ, application provisioning policies are what populate values for new account requests.
Confirm those values are actually making it into the request body. For the Web Services connector, the create payload is built from the provisioning plan using $plan...$ placeholders, so a field can exist in the policy but still be missing from the outbound JSON if the mapping is wrong.
Check the raw API response, not just the top-level IIQ error. “Failed to save the user” usually means the target rejected the payload because of a missing mandatory field, invalid value, duplicate key, or server-side validation rule.
Verify the response mapping too. The Web Services connector expects schema attributes from the returned response to be mapped correctly, and a bad or incomplete response mapping can also break create processing after the POST succeeds.
I’d especially recommend checking Administrator Console → Provisioning.
SailPoint’s Provisioning Transactions view shows attribute-level request details and the applicable error messages, which is usually the fastest way to tell whether the failure is due to a missing field in the plan, a bad payload mapping, or the target API rejecting valid-looking input.
If you can share the Create Account request payload, provisioning policy, and transaction details / raw response, it should be possible to pinpoint the issue much faster.
Hi can you please share what is the requirement, when you sais creation failed, are you passing the required attributes in the body for create??
did you test create from postman?? does it work??
if you can share your create operate configuration detail, it will be easier to give solution.
Hi @cbskiet1986 Can you share the sample post JSON and your account creation application configuration? However, ask the API team what the mandatory fields are for an account, based on their input, you have to construct the JSON body in the create account operation. Before configuring it in the application, you need to test it in Postman.
@cbskiet1986 Please try the API calls in postman to make sure you have the right details. If it is working in postman, then print the requeseEndpoint object in before rule of your app. This’ll tell you the API call for that endpoint, and it will have details about headers, params, url, body, etc. which you can compare against postman and see if it has all the attribute or not.