Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to obtain an Access Token using the configured Personal Access Token #63

Open
luisdiaz-americo opened this issue Jan 23, 2023 · 1 comment
Open

Unable to obtain an Access Token using the configured Personal Access Token #63

luisdiaz-americo opened this issue Jan 23, 2023 · 1 comment

Comments

@luisdiaz-americo
Copy link

Greetings, first and foremost, great job @darrenjrobinson on putting this together. Sailpoint is a great IDM tool but it's not "code-commando" friendly, even with API capabilities.

I came across this issue, were I was happily working with the PowerShell module v1.1.5 and =successfully navigated through a lot of the pieces I need to do, m mainly creating and maintaining Access Profiles, I tried to work on it again today after enjoying my weekend and now I am getting this. After following the store of configuration/authentication, when and test with this and got:

Test-IdentityNowCredentials -Verbose
APIv3 credentials are not stored in IdentityNow Configuration.
VERBOSE: POST https://***************.api.identitynow.com/oauth/token with -1-byte payload
Unable to obtain an Access Token using the configured Personal Access Token.

I checked your prior closed issues and removed the stored session (IndentityNowConfiguration.clixml) from %localappdata% and went through the following:

$orgName = "xxxxxxxxxx"
Set-IdentityNowOrg -orgName $orgName

IdentityNow Admin User

$adminUSR = "[email protected]"
$adminPWD = 'xxxxxxxxxxxxxx'
$adminCreds = [pscredential]::new($adminUSR, ($adminPWD | ConvertTo-SecureString -AsPlainText -Force))

IdentityNow Personal Access Token as generated through the IdentityNow Portal and your personal identity profile preferences

$patClientID = '8dff6xxxxx1124d8ea7xxxxxxxxx08e4b99'
$patClientSecret = 'e9534xxxxxxxxxxxxxxx3f0f5fffffffffffff166c78f85548'
$patCreds = [pscredential]::new("$($patClientID)", ($patClientSecret | ConvertTo-SecureString -AsPlainText -Force))

Set-IdentityNowCredential -AdminCredential $adminCreds -PersonalAccessToken $patCreds
Save-IdentityNowConfiguration

Obviously gone through clearing temp files, restarting, removing and importing the module, and installing v1.1.6.

Appreciate any feedback you may be able to provide. I feel like I am missing something very simple, and I'll feel dumb after the fact, but a feeling I am willing to own if it works.

Cheers!

-LD
@luisdiaz-americo
Copy link
Author

Forgot to add.... When trying to run the get the access profiles, get the following:

Get-IdentityNowAuth : Unable to auth client_credentials grant type for *********** v2:False v3:False cred:True
pat:True {"error":"invalid_client","error_description":"Bad client credentials"}
At C:\Program Files\WindowsPowerShell\Modules\SailPointIdentityNow\1.1.6\scripts\Get-IdentityNowAccessProfile.ps1:29
char:16

  • $v3Token = Get-IdentityNowAuth

  •            ~~~~~~~~~~~~~~~~~~~
    • CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
    • FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Get-IdentityNowAuth

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@luisdiaz-americo