Hi All,
We have the below scenario.
The bank is trying to set up SAP SuccessFactors environment, they want to use one identity management system as an Identity store.
They just want to fetch identity data from One identity manager.
Is it possible to connect to one identity from SAP SuccessFactors via REST API?
Your help is very much appreciated.
Thank you in advance.
Kind Regards,
Dnyandev
One Identity Manager provides a REST API and the documentation is available here https://support.oneidentity.com/de-de/technical-documents/identity-manager/8.1.3/rest-api-reference-guide
But I do not know what you need to do on the SAP SuccessFactors side and what type of information you need from the REST API in detail, but it should be doable.
Hi Markus,
When I try to loggin with system user to application server URL I get below message in logs.
User is authonticated but I I get loggin page again.
I get this issue when I user server name in URL as below.
http://<serverName>/IDMAppServer/
2020-11-03 09:35:29.2448 INFO (ObjectLog 671bfde6-7ec6-4995-95f5-0568c6f81297) : User SAPSF (Dialog user: SAPSF, X fields: SAPSF) authenticated.
2020-11-03 09:35:29.2760 INFO (AppServer ) : Could not find authentication data for session xOe2BYw0Z1Bhtu7NqqvF, it may have expired.
But when I user below URL
http://localhost/IDMAppServer
I am able to go beyond login page.
Could you please help me and suggest if I am doing anything wrong.
Kind Regards,
Dnyandev
Did you try http://<serverName>/IDMAppServer ?
Thank you Markus for the quick response.
I tried this but the same issue.
Sounds weird to me. Did you run this behind a load-balancer if you access the application server using the serverName?
there is no load-balancer used.
Are you using IE11? If so, does it work in a different Browser?
Thank you, Markus.
It is working with Google chrome.
Do you have any idea why it is not working with IE11? Also when I try to access using IE 11 from my work desk it gives HTTP 400 Bad request.
But it works fine with Google chrome.
Thank you, Markus.
It is working with Google chrome.
Do you have any idea why it is not working with IE11? Also when I try to access using IE 11 from my work desk it gives HTTP 400 Bad request.
But it works fine with Google chrome.
Please check if IE11 is showing the URL in compatibility mode. If so, it will not work.
Please check if IE11 displays the page in compatibility mode. If so, it will not work.
you are an expert Markus.
It is working now after removing the page from compatibility mode.
I am a little confused could you please correct me if I am wrong.
To connect REST API is it enough to give the below information. I checked the document but it is not clear to me.
URL : http://<Server>/IDMAppServer/api/entities/LDAPAccount?limit=10&loadType=Default
User: System user and password.
You need to login first. Check the documentation here https://support.oneidentity.com/de-de/technical-documents/identity-manager/8.1.3/rest-api-reference-guide/4#TOPIC-1481383
Hi Markus,
When I talked with SAP successfactor person he told that there is no posibility to do scripting and pass authontication string is below format.
{"authString":"Module=DialogUser;User=<user name>;Password="}
They have interface where they specify URL, user id and password.
After this configuration application server log is showing belwo error. By seeing this message it seems authontication string is not passed is required format.
Is there any other posibility to connect or this can be done only throug scripting.
Thank you in advance and sorry for disturbing you again and again as this is my first experience with REST API.
{"authString":"Module=DialogUser;User=<user name>;Password="}
2020-11-10 12:07:34.8706 ERROR (ObjectLog Global) : [System.Runtime.Serialization.SerializationException] Type definitions should start with a '{', expecting serialized type 'AppHostAuthRequest', got string starting with: grant_type=client_credentials
System.Runtime.Serialization.SerializationException: Type definitions should start with a '{', expecting serialized type 'AppHostAuthRequest', got string starting with: grant_type=client_credentials
at ServiceStack.Text.Common.DeserializeTypeRefJson.StringToType(ReadOnlySpan`1 strType, TypeConfig typeConfig, EmptyCtorDelegate ctorFn, KeyValuePair`2[] typeAccessors)
at ServiceStack.Text.Common.DeserializeType`1.StringToTypeContext.DeserializeJson(ReadOnlySpan`1 value)
at ServiceStack.Text.Json.JsonReader`1.Parse(ReadOnlySpan`1 value)
at ServiceStack.Text.Json.JsonReader`1.Parse(String value)
at ServiceStack.Text.JsonSerializer`1.DeserializeFromString(String value)
at QBM.AppServer.Base.SessionAuthProvider.Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
at ServiceStack.Auth.AuthenticateService.Post(Authenticate request)
at ServiceStack.Host.ServiceRunner`1.<ExecuteAsync>d__13.MoveNext() at ServiceStack.Text.Common.DeserializeTypeRefJson.StringToType(ReadOnlySpan`1 strType, TypeConfig typeConfig, EmptyCtorDelegate ctorFn, KeyValuePair`2[] typeAccessors)
at ServiceStack.Text.Common.DeserializeType`1.StringToTypeContext.DeserializeJson(ReadOnlySpan`1 value)
at ServiceStack.Text.Json.JsonReader`1.Parse(ReadOnlySpan`1 value)
at ServiceStack.Text.Json.JsonReader`1.Parse(String value)
at ServiceStack.Text.JsonSerializer`1.DeserializeFromString(String value)
at QBM.AppServer.Base.SessionAuthProvider.Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
at ServiceStack.Auth.AuthenticateService.Post(Authenticate request)
at ServiceStack.Host.ServiceRunner`1.<ExecuteAsync>d__13.MoveNext()
Sorry, but a REST client has to use the login methods provided.
Maybe some other folks here have some more insight into the SAP Successfactor side.
