WebService connector APIs Get access_token issue

Identity Security Cloud (ISC) ISC Discussion and Questions
, ,
1

Get access_token from the response body of one http request and pass to another http request header

I tried to get access_token from the first http request like below
access_token: {{$.hTTPRequest.body.access_token}}

and passed the access_token for the second http request header
access_token: {{$.hTTPRequest.body.access_token}}
Authorization: Bearer $application.access_token$

Getting below error when I’m doing Account Aggregation
Unauthorized : {“message”:“Bad Authorization Token”}, HTTP Error Code: 401

Please suggest how to get correct access-token?

2

Are you using “Custom Authorization” to configure the “first http request” as you noted? If so, you should be able to map this directly in the UI as “access_token” = “access_token”.

In the “second http request” header you should be able to just map this as “Authorization” = “Bearer $application.access_token$”

3

He @edmarks ,

I’m using custom authorization, I mapped like your suggestion in first http request and passed the second http request same like your suggestion, I’m still getting error. Please see the screen shots.

Error!

sailpoint.connector.ConnectorException: Url: https://xxx.yyy.com/z2/users?Limit=50&Offset=0, Message: 401 : Unauthorized : {“message”:“Bad Authorization Token”}, HTTP Error Code: 401.

1HTTP
1HTTP1130×367 19.1 KB

2HTTP
2HTTP1130×485 23.5 KB

4

@Ellanti

Which application is this ? Is this an internal application ?
If yes , do we have the api call format of how we need to use access token ?

If not , can you provide the API documentation link of the application .

5

Hi @sidharth_tarlapally ,

This is an
internal application, the access_token generating and passing in to second http request in postman correctly with out any 401 errors. where as in IdentityNow getting 401 error.

HTTP_First
HTTP_First1331×682 59.7 KB

HTTP_Second
HTTP_Second1295×809 65.7 KB

6

@Ellanti

Were you able to make test connection ?
Check if we are missing anything in authenticate operation , method is POST ?

7

You can follow the troubleshooting steps below:

  1. Manually copy the Bearer token from Postman and paste it into the Web Service connector’s Direct Aggregation HTTP operation. Then run the operation to check if it works as expected.
  2. If it works, proceed to test the same logic within a Workflow HTTP Request. This will help you confirm whether the bearer token is being generated and correctly passed to subsequent HTTP requests. Use Two HTTP request to collect in first and pass in second once, you can validate output while testing and can easily fix the issue.

Using this approach, you can easily troubleshoot any issues related to token generation or transmission.

1 Like
8

Hi @Ellanti ,

Few things to consider.

  1. Please select “custom authentication” as auth type in connection settings page
  2. Hope you have given correct customauthURL
    image
    image975×153 2.53 KB
  3. Hope you have given $ as root path in response information
  4. Also, can you change the schema attribute as “customToken” rather than “access_token”. I know this is not an issue but worth a try
9

Considering it’s an “internal” application vs. COTS application, reach out to the application team and coordinate an API testing session with them to see what the application is actually getting for the headers/body. Also ensure the application is truly getting a “bad” authorization vs. something else in the API that just happens to respond with an incorrect error saying “connection refused” (or similar)

10

@sidharth_tarlapally ,
I’m successfully making test connection, and authentication working correctly, only issue not able to pass access_token in the second http request.

11

Hi @hkhandale ,

All your suggested steps works correctly in the first step on the WebService connector and 2nd step in the workflow http request.

Where as the issue doesn’t fix on the webservice connector to fetch access_token and pass into the second http request to get access_token dynamically.

12

Hi @JackSparrow ,

I have all the steps in the connector except
schema attribute as “customToken” rather than “access_token”. I know this is not an issue but worth a try.

I tried with customToken rather than access_token, still getting 401 error

13

Hi @edmarks ,
The end points and authentication works correctly in the WorkFlow HTTP requests, only issue in WebService connector 2nd HTTP request.