Symantec Access Management

  • Private Community

  • 1.  SSO Rest API - Error Creating Realms

    Posted Feb 22, 2018 06:13 PM
      |   view attached

    Hi Everyone,

    I'm trying to use SSO's Rest API to create a realm for a domain but I keep running into this error:

      

    {
      "responseType": "error",
      "status": 400,
      "data": [
        {
          "msgId": "SMRESTAPI_806",
          "args": [
            "com.ca.siteminder.sdk.restimpl.Search@4d7b79da"
          ],
          "message": "Wrong path for post search: com.ca.siteminder.sdk.restimpl.Search@4d7b79da",
          "code": 806
        }
      ]
    }

     

    I've been using the example value provided in order to create it, but it doesn't seem to be going through. Some of the values were optional, but I essentially want to connect the realm to an Agent, Agent Group, Domain, and Authentication Scheme.
    I've attached the script of what I used. If anyone can help to take a look and let me know what I'm missing or anything, that would be great

     

    Thanks,
    Kelly

    Attachment(s)

    zip
    createrealm.txt.zip   840 B 1 version


  • 2.  Re: SSO Rest API - Error Creating Realms
    Best Answer

    Broadcom Employee
    Posted Mar 02, 2018 02:24 PM

    Unsure if you are using Swagger interface.  If so it will not work. A defect has been logged.  You need to use CA Java SDK.



  • 3.  Re: SSO Rest API - Error Creating Realms

    Posted Mar 30, 2018 05:18 AM

    Hello,

     

    Got the same problem.... Do you know in which version it will be fixed ? Do you have any payload sample to create a new realm for a specific domain ?

     

    Thank you,

    Julien.



  • 4.  Re: SSO Rest API - Error Creating Realms

    Posted Mar 30, 2018 08:27 AM

    Was able to make it work by using a POST to /ca/api/sso/services/policy/v1/SmDomains/{SmDomainName}/SmRealms/

    where {SmDomainName} is the Domain where we want to attach the realm.

    The payload is closed to yours

     

    {
    "type": "SmRealm",
    "Name": "Julien",
    "SyncAudit": false,
    "MaxTimeout": 36000,
    "ProcessAuthEvents": false,
    "ResourceFilter": "/julien/index.html",
    "ProtectAll": true,
    "ProcessAzEvents": true,
    "IdleTimeout": 36000,
    "SessionType": "Non-peristent",
    "SessionDrift": -1,
    "AuthSchemeLink": {
    "id": "CA.SM::AuthScheme@0d-3a9b9047-4e90-0017-0000-6abb00006abb",
    "path": "/SmAuthSchemes/appli-faible",
    "href": "https://10.170.181.60:8443/ca/api/sso/services/policy/v1/objects/CA.SM::AuthScheme@0d-3a9b9047-4e90-0017-0000-6abb00006abb"
    },
    "AgentGroupLink": {
    "id": "CA.SM::AgentGroup@02-000a5d15-69f6-1228-8b8d-0c120ac5d0e4",
    "path": "/SmAgentGroups/msi-01-monsi",
    "href": "https://10.170.181.60:8443/ca/api/sso/services/policy/v1/objects/CA.SM::AgentGroup@02-000a5d15-69f6-1228-8b8d-0c120ac5d0e4",
    "desc": "AGENT GROUP DESC. BATCH"
    },
    "AzUserDirLink": {
    "id": "CA.SM::UserDirectory@0e-3a9b8ec7-6b6e-0017-0000-6abb00006abb",
    "path": "/SmUserDirectories/ASE",
    "href": "https://10.170.181.60:8443/ca/api/sso/services/policy/v1/objects/CA.SM::UserDirectory@0e-3a9b8ec7-6b6e-0017-0000-6abb00006abb"
    }
    }

     

    Hope it helps,

    Julien.