In WebService connector in SailPoint ISC we want to use variable $application.accesstoken$ for authorization in headers but by default string “Bearer” is added at the beginning of this variable. With this string (“Bearer”) we get error “Message: 401 : Unauthorized : {“code”:“invalid_token”,“message”:“invalid access token”}, HTTP Error Code: 401”. How can we remove/skip this string from variable $application.accesstoken$?
Hi,
How are you setting the data to the variable $application.accesstoken$?.
You can remove it while you are creating the variable.
-Abhinov
Hi,
in Connection Settings through Authentication Type - API Token and then I put token in API Token in SailPoint Identity Security Cloud.
HI,
If you put the data into API token, how the value is setting for accesstoken?
I think the issue is something else. Can you try this in postman first and try to put same in Webservices connector?
-Abhinov
Hi @amaliszewska,
Are you using any rule for token generation?
Hi,
Based on documentation of the Web Service Connector when you provide Connection settings you need to choose Authentication Type - so when we have Token from our external source we tried to put it in API Token Auth options. In docs they put information like: The API token you provide is saved to the accesstoken attribute in the application configuration ($application.accesstoken$). We need to use it in our HTTP Operations in header (referring to this variable instead of explicitly specifying this value again). But in this API Token they placed note like this: If the token type is not provided, then the connector automatically uses Bearer . how to omit this situation when SailPoint adds this prefix with Bearer automatically. How can we indicate to him not to add token type before?
Hi,
Try to add token directly in header.
Use key as x-api-key and value as token.
-Abhinov
We changed Authentication Type to Custom Authentication and now it works properly. Now API token is saved without string “Bearer”.
Thank you for your help!
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.