luisdiaz-americo
commented
1 year ago Forgot to add.... When trying to run the get the access profiles, get the following:
Get-IdentityNowAuth : Unable to auth client_credentials grant type for *** v2:False v3:False cred:True pat:True {"error":"invalid_client","error_description":"Bad client credentials"} At C:\Program Files\WindowsPowerShell\Modules\SailPointIdentityNow\1.1.6\scripts\Get-IdentityNowAccessProfile.ps1:29 char:16
- $v3Token = Get-IdentityNowAuth
-
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Get-IdentityNowAuth
Greetings, first and foremost, great job @darrenjrobinson on putting this together. Sailpoint is a great IDM tool but it's not "code-commando" friendly, even with API capabilities.
I came across this issue, were I was happily working with the PowerShell module v1.1.5 and =successfully navigated through a lot of the pieces I need to do, m mainly creating and maintaining Access Profiles, I tried to work on it again today after enjoying my weekend and now I am getting this. After following the store of configuration/authentication, when and test with this and got:
Test-IdentityNowCredentials -Verbose APIv3 credentials are not stored in IdentityNow Configuration. VERBOSE: POST https://***************.api.identitynow.com/oauth/token with -1-byte payload Unable to obtain an Access Token using the configured Personal Access Token.
I checked your prior closed issues and removed the stored session (IndentityNowConfiguration.clixml) from %localappdata% and went through the following:
$orgName = "xxxxxxxxxx" Set-IdentityNowOrg -orgName $orgName
IdentityNow Admin User
$adminUSR = "xxxxxxxx@xxxxx.com" $adminPWD = 'xxxxxxxxxxxxxx' $adminCreds = [pscredential]::new($adminUSR, ($adminPWD | ConvertTo-SecureString -AsPlainText -Force))
IdentityNow Personal Access Token as generated through the IdentityNow Portal and your personal identity profile preferences
$patClientID = '8dff6xxxxx1124d8ea7xxxxxxxxx08e4b99' $patClientSecret = 'e9534xxxxxxxxxxxxxxx3f0f5fffffffffffff166c78f85548' $patCreds = [pscredential]::new("$($patClientID)", ($patClientSecret | ConvertTo-SecureString -AsPlainText -Force))
Set-IdentityNowCredential -AdminCredential $adminCreds -PersonalAccessToken $patCreds Save-IdentityNowConfiguration
Obviously gone through clearing temp files, restarting, removing and importing the module, and installing v1.1.6.
Appreciate any feedback you may be able to provide. I feel like I am missing something very simple, and I'll feel dumb after the fact, but a feeling I am willing to own if it works.
Cheers!
-LD