Web service connection fails invalid client error

Identity Security Cloud (ISC) ISC Discussion and Questions
1

SailPoint > ISC

I am tryng to create web service based source connection (with VA), getting invalid client errors (unable to generate token).
Both custom authentication, client credentials options tried and it fails.

It works through Bruno (similar to postman) api client with OAuth2 client_credentials or password grant type.

2

Hi @rvemula , you can see this topic and get help . Also check for configurations you done.
Thank you.

3

Hi Pravin

Thank you for response.

It is basic authentication used from the topic you have shared. I need steps for using oauth2 > client credentials and custom authentication

4

Hi @rvemula,

If you have username and password please try with Basic Authentication Type.
If still you are facing the issue i think you can write the rule to generate the token.
Thank You!

5

Hi ramesh use custom authentication and place your url only there and go to http operations and select test connection give url and client id and seceret code and do test connection your connection will be successfull

6

Message: 400 : Bad Request : {“error”:“invalid_request”,“error_description”:“grant_type is required for issuance”}, HTTP Error Code: 400

I have added grant_type and same error after I saved and tested

7

For clarity, you have tried both “grant_type = Password” and “grant_type = Client Credentials” along with their respective credential values, and you received that same error?

Since I am unfamiliar with Bruno, I would like to ask a couple questions about how your working set up is there:

  1. Did you need to configure anything other then the grant_type and the Client Credentials there to get it working?
  2. Are there any scripts or Parameters that Bruno inserts automatically that might be missing from SailPoint?
  3. have you configured the same request end point in Bruno and SailPoint? (This is to verify you are debugging the same thing.)

Looking at the Documentation (OAuth 2.0 Authentication) for the connector, it looks like it also allow for Headers to be added or excluded. Do you have any custom headers that are needed?

Lastly, you mention that you need steps for custom Authentication. Have you tried setting it up based on the documentation for the connector? Found here: Custom Authentication

If so, what did you try there, and what were the results?

This reply likely won’t help solve the issue, but it may help you get better replies from others.

8

Thank you all for replies and suggestions.

We were able to fix this issue, steps followed are:

  1. Selected Authentication type as custom authentication in connection settings. Filled user name, password, baseURL, client id, secret

  2. Added custom authentication in http operations, provided token url. In body Raw settings, as per below screenshot.

image
image967×279 43.1 KB

9

ok ramesh sounds good