darrenjrobinson / powershell_module_identitynow

SailPoint IdentityNow PowerShell Module
https://blog.darrenjrobinson.com/sailpoint-identitynow/
MIT License
47 stars 15 forks source link

Unable to obtain an Access Token using the configured Personal Access Token #63

Open luisdiaz-americo opened 1 year ago

luisdiaz-americo commented 1 year ago

Greetings, first and foremost, great job @darrenjrobinson on putting this together. Sailpoint is a great IDM tool but it's not "code-commando" friendly, even with API capabilities.

I came across this issue, were I was happily working with the PowerShell module v1.1.5 and =successfully navigated through a lot of the pieces I need to do, m mainly creating and maintaining Access Profiles, I tried to work on it again today after enjoying my weekend and now I am getting this. After following the store of configuration/authentication, when and test with this and got:

Test-IdentityNowCredentials -Verbose APIv3 credentials are not stored in IdentityNow Configuration. VERBOSE: POST https://***************.api.identitynow.com/oauth/token with -1-byte payload Unable to obtain an Access Token using the configured Personal Access Token.

I checked your prior closed issues and removed the stored session (IndentityNowConfiguration.clixml) from %localappdata% and went through the following:

$orgName = "xxxxxxxxxx" Set-IdentityNowOrg -orgName $orgName

IdentityNow Admin User

$adminUSR = "xxxxxxxx@xxxxx.com" $adminPWD = 'xxxxxxxxxxxxxx' $adminCreds = [pscredential]::new($adminUSR, ($adminPWD | ConvertTo-SecureString -AsPlainText -Force))

IdentityNow Personal Access Token as generated through the IdentityNow Portal and your personal identity profile preferences

$patClientID = '8dff6xxxxx1124d8ea7xxxxxxxxx08e4b99' $patClientSecret = 'e9534xxxxxxxxxxxxxxx3f0f5fffffffffffff166c78f85548' $patCreds = [pscredential]::new("$($patClientID)", ($patClientSecret | ConvertTo-SecureString -AsPlainText -Force))

Set-IdentityNowCredential -AdminCredential $adminCreds -PersonalAccessToken $patCreds Save-IdentityNowConfiguration

Obviously gone through clearing temp files, restarting, removing and importing the module, and installing v1.1.6.

Appreciate any feedback you may be able to provide. I feel like I am missing something very simple, and I'll feel dumb after the fact, but a feeling I am willing to own if it works.

Cheers!

-LD

luisdiaz-americo commented 1 year ago

Forgot to add.... When trying to run the get the access profiles, get the following:

Get-IdentityNowAuth : Unable to auth client_credentials grant type for *** v2:False v3:False cred:True pat:True {"error":"invalid_client","error_description":"Bad client credentials"} At C:\Program Files\WindowsPowerShell\Modules\SailPointIdentityNow\1.1.6\scripts\Get-IdentityNowAccessProfile.ps1:29 char:16