Powershell api issue not able to reach to tenant URL

hranjan3 · January 4, 2024, 4:20pm

Hi, Can someone please suggest me solution for one issue I am facing while trying to use Sailpoint API from Powershell. Here is the detailed info about issue:

This is one simple script I have:

$Parameters = @{
    "Filters" = 'name co "Test User"'
}

# Accounts List
try {

    Invoke-Paginate -Function "Get-Accounts" -Increment 250 -Limit 1000 -InitialOffset 0 -Parameters $Parameters

} catch {
    Write-Host ("Exception occurred when calling Invoke-Paginate: {0}" -f $_.ErrorDetails)
    Write-Host ("Response headers: {0}" -f $_.Exception.Response.Headers)
}

I am executing it from Powershell version 7 but its giving error message:

PS C:\Users\Documents\Sailpoint powershell works\SPAPITest> .\Test-api-2.ps1
Conversion from JSON failed with error: Unexpected character encountered while parsing value: A. Path '', line 0, position 0.

Trial with other script: I have one more script:

$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Accept", "application/json")
$headers.Add("Authorization", "Bearer <token>")

$certData = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2(, [Convert]::FromBase64String($cert))


$response = Invoke-RestMethod 'https://tenant.api.identitynow.com/v3/certifications' -Method 'GET' -Headers $headers
$response | ConvertTo-Json

while running this script I get error message:

PS C:\Users\Documents\Sailpoint powershell works\SPAPITest> .\test2.ps1
Invoke-RestMethod: C:\Users\Documents\Sailpoint powershell works\SPAPITest\test2.ps1:8
Line |
   8 |  $response = Invoke-RestMethod 'https://tenant.api.identitynow.com/v3/ …
     |              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | A connection attempt failed because the connected party did not properly respond after a period of time, or
     | established connection failed because connected host has failed to respond.

Trial case 3: for the same script I did little modification and tried to run from Powershell version 5.2:

$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Accept", "application/json")
$headers.Add("Authorization", "Bearer <token>")

add-type @"
    using System.Net;
    using System.Security.Cryptography.X509Certificates;
    public class TrustAllCertsPolicy : ICertificatePolicy {
        public bool CheckValidationResult(
            ServicePoint srvPoint, X509Certificate certificate,
            WebRequest request, int certificateProblem) {
            return true;
        }
    }
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy


$response = Invoke-RestMethod 'https://tenant.api.identitynow.com/v3/certifications' -Method 'GET' -Headers $headers
$response | ConvertTo-Json

It works fine.

But when I modify above script for powershell 7 version like:

$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Accept", "application/json")
$headers.Add("Authorization", "Bearer <token>")

$certData = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2(, [Convert]::FromBase64String($cert))


$response = Invoke-RestMethod 'https://tenant.api.identitynow.com/v3/certifications' -Method 'GET' -Headers $headers
$response | ConvertTo-Json

it gives error message:

Invoke-RestMethod: C:\Users\Documents\Sailpoint powershell works\SPAPITest\test2.ps1:8
Line |
   8 |  $response = Invoke-RestMethod 'https://tenant.api.identitynow.com/v3/ …
     |              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | A connection attempt failed because the connected party did not properly respond after a period of time, or
     | established connection failed because connected host has failed to respond.
null

Could you please suggest if anything I am missing or changes I need to make to fix this issue.

@darrenjrobinson @tyler_mairose

KevinHarrington · January 4, 2024, 4:25pm

Try to force it to use TLS by adding the following line before you make any calls:

[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12

hranjan3 · January 4, 2024, 4:53pm

hranjan3 · January 4, 2024, 4:55pm

thanks Kevin, I tried adding the suggested line but error remains same.

I forgot to add info - all my scripts are running fine in my local system without adding any info for certificate or TLS… but when I try to run same script from one other windows server which I access using RDP, its not working.

RAKGDS · January 4, 2024, 5:29pm

Hi Kevin,
Can you try the below. Create a variable and add the url in the same and then use it in the Invoke-Method. I am suspecting there many be issues related to encoding of the URL.

$Uri = ‘https://tenant.api.identitynow.com’
Invoke-RestMethod $Uri

edmarks · January 4, 2024, 8:11pm

I’d suggest using VSCODE and the debugger to step through the code and investigate the specifics.

darrenjrobinson · January 7, 2024, 11:09pm

Also verify that the version of powershell on the other host is the same as the host you have it working.

system · March 7, 2024, 11:10pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Powershell API call ISC Discussion and Questions apis , identity-security-cloud	4	537	June 22, 2023
Powershell API calls ISC Discussion and Questions apis , identity-security-cloud	8	1050	August 19, 2023
The remote server returned an error: (429) ISC Discussion and Questions	2	1110	July 19, 2023
How to read all entitlements through REST API call from PowerShell Script (with pagination) ISC Discussion and Questions identity-security-cloud	3	606	January 14, 2024
Error while Using oauth to generate authorization token for api ISC Discussion and Questions apis , identity-security-cloud	7	1607	July 19, 2023

Powershell api issue not able to reach to tenant URL

Related topics