Create Account error via Access Request

jasmedina · October 2, 2024, 4:57pm

Hi All,

We are using a web service connector and one of the http operation is Create Account. However, when I am trying to create an account using Access Request, I am getting this error:

Request completed

Exception occurred while performing 'Create' operation on identity 'null': Url: https://xxxxx/users, Message: 400 : Bad Request, HTTP Error Code: 400

Here is what my Create Account policy looks like:

Account Schema:

Create Account operation body:

{
    "user": {
        "name": "$plan.name$",
        "siteRole": "$plan.siteRole$"
    }
}

I dont know what seems to be missing in my configuration to prevent the error. Could you please help look at my existing configuration and provide feedback? Thank you so much!

Carlatto · October 2, 2024, 5:09pm

Error 400 usually means that your request is formatted wrong, or it is missing required information. Check the API documentation for your Source to see what the required fields need to be in your Create Account payload.

This kind of looks like you are trying to create a user in Tableau. If that is the case, you might want to see what authentication method is setup. When Active Directory is used for authentication in Tableau, the name field needs to match the sAMAccountName of the user in your Active Directory domain.

jasmedina · October 2, 2024, 5:23pm

Thank you for the input, @Carlatto! The API call is working in postman but I will also look into the authentication method.

gourab · October 3, 2024, 7:02am

Hi @jasmedina

Open postman and try create account via api over there . From postman itself get the curl command .

Now go to ISC and use same curl command with unique static values.
Try to do access request to invoke create account operation.
Go directly to your target system and check if account is created.
If not created, check ISC monitor to get activity id and search that activity id in search to see if all required values are getting passed.
Also ensure about auth method as suggested by @Carlatto

shekhardas1825 · October 3, 2024, 10:27am

@jasmedina please make sure your response mapping is correct in create HTTP operation, you need to map the unique id to correlate the newly created account.

I would recommend you go through below post, this issue was resolved here:

Web Services Create Operation Failing 404 error - Identity Security Cloud (ISC) / ISC Discussion and Questions - SailPoint Developer Community

jasmedina · October 3, 2024, 12:43pm

Based from this thread, I tried to hard code the values in the body and the access request went through. However, when I tried the $plan.attributeName$, I am getting the same error.

jasmedina · October 3, 2024, 12:51pm

Hi @gourab! Can you elaborate more on step 2? Where should I put the curl command in ISC? I tried to hard code the body in the Create Account HTTP and the access request went through but when I used the $plan.attributeName, I am getting the same error.

shekhardas1825 · October 3, 2024, 12:55pm

@jasmedina I am not sure why are you adding entitlement in the body itself? It is not required.

When you request for an access, it first checks whether account is there or not, if there is no account it will create and add entitlement.

Meaning it two operations will be called, create and then add entitlement.

jasmedina · October 3, 2024, 12:58pm

Hi @shekhardas1825! The attribute siteRole is a required attribute in the API call. I tagged it as an entitlement in the schema since there is no direct API call to pull in the siteRole for this application.

gourab · October 3, 2024, 1:00pm

you can use curl on http operations General Information

jasmedina · October 3, 2024, 7:54pm

Hi @Gourab, I am still getting the same error even with curl. I also looked at the logs and it looks like it is not getting the json code in the body.

Bad Request","detail":"Required request body is missing

jasmedina · October 3, 2024, 8:47pm

Hi @Carlatto, do you have a sample json body for your create account in Tableau? Thank you!

gourab · October 4, 2024, 6:03am

Hi @jasmedina
Could you please confirm if the request body is right?As you mentioned Tableau, I just found this page where a sample request body if given and it’s not a json

Page link: Users and Groups Methods - Tableau

vijayasaikoppineni · October 4, 2024, 6:31am

Hello @jasmedina
Good day!

Once Check the create operation through Postman, Check whether account is created or not in target application.
After that write before operation rule.fetch what attribute are passing to create account ,Make it a jsonbody and set to requestEndPoint.

Thank you

jasmedina · October 7, 2024, 2:59pm

hi @gourab! I just changed it to json since I am not pulling any accounts when I use xml. I also tried the XML call in postman and it is working fine.

jasmedina · October 7, 2024, 3:00pm

Hi @vijayasaikoppineni! I was able to create the account successfully via postman. But when I tried it in sailpoint, the log is saying that the jsonbody is void.

system · December 6, 2024, 3:01pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Required request body is missing ISC Discussion and Questions webservice-connector , identity-security-cloud , provisioning , access-requests	14	250	December 6, 2024
Webservices Create Account is not working ISC Discussion and Questions webservice-connector , identity-security-cloud , provisioning , access-requests	15	102	November 21, 2024
AD account creation bypass ISC Discussion and Questions identity-security-cloud , provisioning , connectors	3	72	October 29, 2024
Web Services Create Operation Failing 404 error ISC Discussion and Questions webservice-connector , identity-security-cloud	7	93	September 29, 2024
Account Name is -- after account creation ISC Discussion and Questions webservice-connector , identity-security-cloud , provisioning , access-requests	9	36	January 17, 2025

Create Account error via Access Request

Related topics