Unable to Create Account with Web Service Connector

Hi,

I configured a web service connector for Oracle Fusion Cloud HCM in IdentityNow. I’m able to fetch the users and roles and workers information. I’m trying to create an account using the create account operation when a role is requested, however I get the following error message. What could be causing this error?

[“Exception occurred while performing \u0027Create\u0027 operation on identity \[email protected]\u0027: Url: https://hcmRestApi/resources/11.13.18.05/workers, Message: 400 : Bad Request, HTTP Error Code: 400”]

@adyer, 400 status code based can occur due to an incorrectly typed URL, malformed syntax, or a URL that contains illegal characters.

Your URL https://hcmRestApi/resources/11.13.18.05/workers seems unusual to me. Is it because you’ve added a placeholder in the above URL for posting on this forum? Can you validate this in postman and try to create test users there? Also, please validate if you’re using the right baseUrl and contextUrl configured on the source UI.

@Arshad the valid url was removed for security reasons.

@adyer, what I mean to say is about how your URL contains an IP address as 11.13.18.05. Ideally I’ve not seen IP address in the URLs as it must ideally be parameterized or escaped in worst case. Also, have you tested to create account from Postman using the same API endpoint and JSON body?

@Arshad this is my context url and version is require for the API i’m calling. The base url that i’m using to establish a connection is https://test.com/. Again this is a dummy url. I’m able to fetch the workers and relevant data. I created a create account operation, the idea is to create the account based on BusinessUnitName which is set as an entitlement and marked as requestable. Also, I created the provisioning policy for the create account for the web service connector. This is the error that i’m getting when attempting to create an account: Attach is my Schema. I’ve been stuck here for a couple of weeks really looking for some guidance.

“Provisioning
Exception occurred while performing ‘Modify’ operation on identity ‘[email protected]’: Error: No configuration found for’Update Account’. Please add at least one operation and try again.,Exception occurred while performing ‘Create’ operation on identity ‘[email protected]’: Url: https://test.com/hcmRestApi/resources/11.13.18.05/workers, Message: 400 : Bad Request, HTTP Error Code: 400”

Schema:
[
{
“nativeObjectType”: “user”,
“identityAttribute”: “EmailAddress”,
“displayAttribute”: “EmailAddress”,
“hierarchyAttribute”: null,
“includePermissions”: false,
“features”: ,
“configuration”: {},
“attributes”: [
{
“name”: “PersonId”,
“type”: “STRING”,
“schema”: null,
“description”: “PersonId”,
“isMulti”: false,
“isEntitlement”: false,
“isGroup”: false
},
{
“name”: “PersonNumber”,
“type”: “STRING”,
“schema”: null,
“description”: “PersonNumber”,
“isMulti”: false,
“isEntitlement”: false,
“isGroup”: false
},
{
“name”: “EmailAddressId”,
“type”: “STRING”,
“schema”: null,
“description”: “EmailAddressId”,
“isMulti”: false,
“isEntitlement”: false,
“isGroup”: false
},
{
“name”: “EmailAddress”,
“type”: “STRING”,
“schema”: null,
“description”: “EmailAddress”,
“isMulti”: false,
“isEntitlement”: false,
“isGroup”: false
},
{
“name”: “PeriodOfServiceId”,
“type”: “STRING”,
“schema”: null,
“description”: “PeriodOfServiceId”,
“isMulti”: false,
“isEntitlement”: false,
“isGroup”: false
},
{
“name”: “UserPersonType”,
“type”: “STRING”,
“schema”: null,
“description”: “UserPersonType”,
“isMulti”: false,
“isEntitlement”: false,
“isGroup”: false
},
{
“name”: “BusinessUnitName”,
“type”: “STRING”,
“schema”: {
“type”: “CONNECTOR_SCHEMA”,
“id”: “dummy”,
“name”: “group”
},
“description”: “BusinessUnitName”,
“isMulti”: false,
“isEntitlement”: true,
“isGroup”: true
},
{
“name”: “JobCode”,
“type”: “STRING”,
“schema”: null,
“description”: “JobCode”,
“isMulti”: false,
“isEntitlement”: false,
“isGroup”: false
},
{
“name”: “DefaultExpenseAccount”,
“type”: “STRING”,
“schema”: null,
“description”: “DefaultExpenseAccount”,
“isMulti”: false,
“isEntitlement”: false,
“isGroup”: false
},
{
“name”: “LegalEmployerName”,
“type”: “STRING”,
“schema”: null,
“description”: “LegalEmployerName”,
“isMulti”: false,
“isEntitlement”: false,
“isGroup”: false
},
{
“name”: “FirstName”,
“type”: “STRING”,
“schema”: null,
“description”: “FirstName”,
“isMulti”: false,
“isEntitlement”: false,
“isGroup”: false
},
{
“name”: “LastName”,
“type”: “STRING”,
“schema”: null,
“description”: “LastName”,
“isMulti”: false,
“isEntitlement”: false,
“isGroup”: false
},
{
“name”: “DisplayName”,
“type”: “STRING”,
“schema”: null,
“description”: “DisplayName”,
“isMulti”: false,
“isEntitlement”: false,
“isGroup”: false
},
{
“name”: “LegislationCode”,
“type”: “STRING”,
“schema”: null,
“description”: “LegislationCode”,
“isMulti”: false,
“isEntitlement”: false,
“isGroup”: false
},
{
“name”: “EmailType”,
“type”: “STRING”,
“schema”: null,
“description”: “EmailType”,
“isMulti”: false,
“isEntitlement”: false,
“isGroup”: false
},
{
“name”: “ActionCode”,
“type”: “STRING”,
“schema”: null,
“description”: “ActionCode”,
“isMulti”: false,
“isEntitlement”: false,
“isGroup”: false
},
{
“name”: “WorkerType”,
“type”: “STRING”,
“schema”: null,
“description”: “WorkerType”,
“isMulti”: false,
“isEntitlement”: false,
“isGroup”: false
}
],
“id”: “dummy”,
“name”: “account”,
},
{
“nativeObjectType”: “group”,
“identityAttribute”: “”,
“displayAttribute”: “”,
“hierarchyAttribute”: null,
“includePermissions”: false,
“features”: ,
“configuration”: {},
“attributes”: ,
“id”: “dummy”,
“name”: “group”,
}
]

Provisioning Policy:

{
    "name": "Account",
    "description": null,
    "usageType": "CREATE",
    "fields": [
        {
            "name": "Username",
            "transform": {
                "type": "identityAttribute",
                "attributes": {
                    "name": "email"
                }
            },
            "attributes": {
                "template": "$(firstname)$(lastname)$(uniqueCounter)",
                "cloudRequired": "true"
            },
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        },
        {
            "name": "FirstName",
            "transform": {
                "type": "identityAttribute",
                "attributes": {
                    "name": "firstname"
                }
            },
            "attributes": {
                "cloudRequired": "true"
            },
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        },
        {
            "name": "LastName",
            "transform": {
                "type": "identityAttribute",
                "attributes": {
                    "name": "lastname"
                }
            },
            "attributes": {
                "cloudRequired": "true"
            },
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        },
        {
            "name": "LegislationCode",
            "transform": {
                "type": "static",
                "attributes": {
                    "value": "Dummy"
                }
            },
            "attributes": {
                "cloudRequired": "true"
            },
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        },
        {
            "name": "EmailType",
            "transform": {
                "type": "static",
                "attributes": {
                    "value": "Dummy"
                }
            },
            "attributes": {
                "cloudRequired": "true"
            },
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        },
        {
            "name": "EmailAddress",
            "transform": {
                "type": "identityAttribute",
                "attributes": {
                    "name": "email"
                }
            },
            "attributes": {
                "cloudRequired": "true"
            },
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        },
        {
            "name": "LegalEmployerName",
            "transform": {
                "type": "static",
                "attributes": {
                    "value": "Dummy"
                }
            },
            "attributes": {
                "cloudRequired": "true"
            },
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        },
        {
            "name": "WorkerType",
            "transform": {
                "type": "static",
                "attributes": {
                    "value": "Dummy"
                }
            },
            "attributes": {
                "cloudRequired": "true"
            },
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        },
        {
            "name": "ActionCode",
            "transform": {
                "type": "static",
                "attributes": {
                    "value": "Dummy"
                }
            },
            "attributes": {
                "cloudRequired": "true"
            },
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        },
        {
            "name": "BusinessUnitName",
            "transform": {
                "type": "static",
                "attributes": {
                    "value": "dummy"
                }
            },
            "attributes": {
                "cloudRequired": "true"
            },
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        },
        {
            "name": "UserPersonType",
            "transform": {
                "type": "identityAttribute",
                "attributes": {
                    "name": "workerType"
                }
            },
            "attributes": {
                "cloudRequired": "true"
            },
            "isRequired": false,
            "type": "string",
            "isMultiValued": false
        }
    ]
}

Create Account Operation

CURL command:
curl --location ‘https://dummy.com/hcmRestApi/resources/11.13.18.05/workers
–header ‘Content-Type: application/json’
–header ‘Authorization: Basic dummy==’
–request POST
–data-raw ‘{
“names”: [{
“LastName”: “$plan.LastName$”,
“FirstName”: “$plan.FirstName$”,
“LegislationCode”: “$plan.LegislationCode$”
}],
“emails”: [{
“EmailType”: “$plan.EmailType$”,
“EmailAddress”: “$plan.EmailAddress$”
}],
“workRelationships”: [{
“LegalEmployerName”: “$plan.LegalEmployerName$”,
“WorkerType”: “$plan.WorkerType$”,
“assignments”: [{
“ActionCode”: “$plan.ActionCode$”,
“BusinessUnitName”: “$plan.BusinessUnitName$”,
“UserPersonType”: “$plan.UserPersonType$”
}]
}]
}’

Response Mapping:


@Arshad Also, when I make the POST request via Postman i’ am able to create the account successfully.

Hi @adyer,

  1. Try hardcoding the values in your Create Account POST body and see if you are successful in creating the account.

  2. If that works, try enabling the connector logs and see if you can get more details about the error (with variables). You can follow this document to enable the connector logs.

Hey Alex,

Have you had a chance to check the payload generated by the HTTP operation? In similar situations, we’ve managed to pinpoint the error using webhooks.

If you have a webhook available, you can temporarily set it up as the hostname in the source for testing purposes and trigger the Create operation. This will allow you to see the complete payload generated by the provisioning policy. Test that payload using a Postman call. It should help you easily identify and fix the error.

Hi Jesvin,

Thanks I tried that and got an error message about add entitlement operation missing. So I added another operation to add entitlement and now getting the following error message. I modified some of the values for security reasons. Can you please advise.

“message”:“Invalid cookie header: "Set-Cookie: xxxx=/xxxx+xxxx/xx+xxxxxxx; Expires=Thu, 16 May 2024 23:55:02 GMT; Path=/; SameSite=None; Secure". Invalid ‘expires’ attribute: Thu, 16 May 2024 23:55:02 GMT”,“pipeline”:“1266”,“@timestamp”:“2024-05-09T23:53:49.189Z”,“thread_name”:“Thread-3”,“atlas-util”:“1752”,“metrics”:“1266”,“region”:“dummy”,“queue”:“test”,“SCIM Common”:“8.0 Build 0000000-000000-00000”}