I am getting the below error for a web service entitlement revoke, in which we need to remove roles and teams, and the mentioned "teamIds" and "roleIds" are going to be retained.
Hi, thank you, and I will check on this. Here the requirement is that the reviewer will try to remove the role ids/team ids during user access review, and the remaining role ids/team ids need to be updated back to the user as per the below body payload.
Hi Kalyan, "400 : Bad Request : {"Message":"A non-empty request body is required."}" - typically indicates that the API endpoint is receiving an empty or improperly formatted payload.
A few things to check:
Variable Substitution: Ensure that all $plan.*$ variables are being correctly resolved before the payload is sent. If any of them are null or not populated, the resulting JSON may be invalid or empty.
Payload Formatting: Double-check that the final JSON being sent (after variable substitution) is valid and not empty. You can log or print the payload just before it’s sent to verify.
Content-Type Header: Confirm that the request includes the correct header:
Content-Type: application/json
Empty Arrays: If roleIds or teamIds are empty arrays, some APIs may treat that as an empty body. Try removing those fields entirely if they’re not needed for the revoke operation.
Endpoint Consistency: You mentioned two different URLs in your message - one with sample.net and another with test.net. Make sure the correct and consistent endpoint is being used.
Let us know what the resolved payload looks like, and we can help further if needed.
Example: During user access review using a PUT API call, if the user has 3 roleIds/teamIds (multivalued, multiple entitlements) and the reviewer tries to revoke one or more roleIds/teamIds from the user, then the remaining ones should be updated accordingly after removal of the one or more roleIds/teamIds from the user.
The Postman API call looks as below:
The method is PUT, so any details sent in the payload are retained. So the above payload indicates that role 10 & team 12 are retained / created to the user. All other roles and teams are removed.
If the user is part of 3 teams with 3 roles, the get user payload shows "roleIds": [12,13,15], "teamIds": [10,11,20].
If you want to remove roles 13, 15 or teams 11 & 20, you should update the user and pass only what you want to retain, i.e. "roleIds": [ 12 ], "teamIds": [ 10 ].
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
// Imports for Util, JsonUtil and Application depend on the platform and are not shown in the post.

log.info("CheckmarxBeforeOp: Start processing user update");

// Validate endpoint & body
if (requestEndPoint == null) {
    log.warn("CheckmarxBeforeOp: requestEndPoint is null");
    return requestEndPoint;
}
Map bodyMap = requestEndPoint.getBody();
if (bodyMap == null) {
    log.warn("CheckmarxBeforeOp: Body map is null – initializing");
    bodyMap = new java.util.HashMap();
}

// The connector keeps the raw request body under the "jsonBody" key
Object jsonBodyObj = bodyMap.get("jsonBody");
String jsonBody = null;
if (jsonBodyObj instanceof String) {
    jsonBody = ((String) jsonBodyObj).trim();
}
if (Util.isNullOrEmpty(jsonBody)) {
    // Initialize an empty JSON object so we are not sending a null/empty body
    log.info("CheckmarxBeforeOp: jsonBody was empty → initialising new JSON payload");
    jsonBody = "{}";
}

Map<String,Object> jsonMap = null;
try {
    jsonMap = JsonUtil.toMap(jsonBody);
} catch (Exception e) {
    log.error("CheckmarxBeforeOp: Failed to parse incoming JSON body: " + e.getMessage(), e);
    jsonMap = new java.util.HashMap<String,Object>();
}
if (jsonMap == null) {
    jsonMap = new java.util.HashMap<String,Object>();
}

// Remove roleIds if present: keep every existing role that is not listed in removeRoleIds
List removeRoleIds = (List) jsonMap.get("removeRoleIds");
if (removeRoleIds != null) {
    List existingRoles = (List) jsonMap.get("roleIds");
    if (existingRoles == null) {
        existingRoles = new ArrayList<>();
    }
    List newRoles = new ArrayList<>();
    for (Object rid : existingRoles) {
        if (!removeRoleIds.contains(rid)) {
            newRoles.add(rid);
        } else {
            log.info("CheckmarxBeforeOp: Removing roleId → " + rid);
        }
    }
    jsonMap.put("roleIds", newRoles);
    // removeRoleIds is a helper field only and must not reach the API
    jsonMap.remove("removeRoleIds");
}

// Remove teamIds if present: same filtering for teams
List removeTeamIds = (List) jsonMap.get("removeTeamIds");
if (removeTeamIds != null) {
    List existingTeams = (List) jsonMap.get("teamIds");
    if (existingTeams == null) {
        existingTeams = new ArrayList<>();
    }
    List newTeams = new ArrayList<>();
    for (Object tid : existingTeams) {
        if (!removeTeamIds.contains(tid)) {
            newTeams.add(tid);
        } else {
            log.info("CheckmarxBeforeOp: Removing teamId → " + tid);
        }
    }
    jsonMap.put("teamIds", newTeams);
    jsonMap.remove("removeTeamIds");
}

// Ensure we are sending something meaningful
if (jsonMap.isEmpty()) {
    log.warn("CheckmarxBeforeOp: jsonMap is empty. Adding a dummy field to avoid empty body");
    // Add e.g. an unchanged field so body is not empty
    jsonMap.put("id", ((Application) application).getId());
    // Note: adjust the above if "application" id is not the user id—maybe you retrieve userId separately
}

// Render and set body
String newJsonBody = JsonUtil.render(jsonMap);
log.info("CheckmarxBeforeOp: Final JSON payload → " + newJsonBody);
// Write the rendered payload back and hand the endpoint to the connector
bodyMap.put("jsonBody", newJsonBody);
requestEndPoint.setBody(bodyMap);
return requestEndPoint;
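The retain-only PUT semantics discussed in this thread, as an added example that is not part of the original posts or of any SailPoint or Checkmarx code: plain Java that computes the ids to keep from the user's current state and the reviewer's revoke list. It normalises id types, because a `contains` check between a parsed JSON number and a string id never matches and the revoked role would be silently retained, and it refuses to build a body when the current state is unknown instead of sending a placeholder. The class and method names are hypothetical; the sample values are the ones quoted in the thread.

```java
import java.util.*;

public class RetainedEntitlements {

    // Normalise an id to a long so 13, 13L, 13.0 and "13" all compare equal.
    static long toId(Object o) {
        if (o instanceof Number) return ((Number) o).longValue();
        return Long.parseLong(String.valueOf(o).trim());
    }

    // Ids to send in the PUT body: everything currently held minus what was revoked.
    static List<Long> retained(List<?> current, List<?> revoked) {
        if (current == null) {
            // Unknown current state: a full-replacement PUT built from it could
            // strip or restore access unintentionally, so fail closed.
            throw new IllegalStateException("current ids unknown; refusing to build PUT body");
        }
        Set<Long> remove = new HashSet<>();
        if (revoked != null) {
            for (Object r : revoked) remove.add(toId(r));
        }
        List<Long> keep = new ArrayList<>();
        for (Object c : current) {
            long id = toId(c);
            if (!remove.contains(id)) keep.add(id);
        }
        return keep;
    }

    // Copy the user as returned by GET and replace only the two id lists.
    static Map<String, Object> buildPutBody(Map<String, Object> user,
                                            List<?> revokeRoles, List<?> revokeTeams) {
        Map<String, Object> body = new LinkedHashMap<>(user);
        body.put("roleIds", retained((List<?>) user.get("roleIds"), revokeRoles));
        body.put("teamIds", retained((List<?>) user.get("teamIds"), revokeTeams));
        return body;
    }

    public static void main(String[] args) {
        // Constructed sample: the GET-user state quoted in the thread.
        Map<String, Object> user = new LinkedHashMap<>();
        user.put("roleIds", Arrays.asList(12, 13, 15));
        user.put("teamIds", Arrays.asList(10, 11, 20));
        // Revoke ids given as strings (assumption: plan attributes may arrive as text).
        Map<String, Object> body =
            buildPutBody(user, Arrays.asList("13", "15"), Arrays.asList("11", "20"));
        System.out.println(body);
    }
}
```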