Hi,
Can you please help me how to get Client ID & Client Secret?
FYI, SAS Viya was deployed a year back by old Admin. Now Azure Active Directory team telling Security Key/Token is expired.
So they are asking me to send the new Access token. But I am not sure where the old Client ID & Client secret are present in the environment.
Can anyone tell me how to get client ID & secret So that I can regenerate the Access token as per below doc?
https://blogs.sas.com/content/sgf/2021/09/24/authentication-to-sas-viya/
Here 2nd doc shows I need not to do first 3 steps again now. But I dont have Client credentails -Client ID & Secret?
Or Are these ID & Secret should be provided by AAD (SCIM Provider)?
Thanks
RaviSPR
Thanks a lot for the reply.
Main Issue- Old Secure tokens at Azure AD sites has expired. So I need to provide new Access token to reenable the SCIM for pushing users to SAS Viya.
I followed 5 steps in the manual Client registration. New issue raised now.
Viya Site- https://sasviyxxx.xxxxweb.xxxxx.com
This is the site which our Viya users & myself have access & do admin work.
When I used above site in the 3rd & 5th steps I am getting Bearer Token & Access token. I gave these 2 tokens to Azure AD team for Reauthorizing our SAS Viya through SCIM. But when he click on Test connection in Azure portal with these tokens it is showing invalid credentials.
In the Admin Credentials section, complete the following steps:
/identities/scim/v2/
.
If you configured the system correctly, you will receive a successful response.
Here, AD team using -https://sasviyxxx.xxxxglobal.xxxx.com at Tenant URL field in Azure portal and doing Test connection.
[sas@zneuxx34 sas_viya_playbook]$ ACCESS_TOKEN=`curl -skX POST "https://sasviyxxx.xxxxweb.bp.com/SASLogon/oauth/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=client_credentials" \
-u "idp-client-id:idp-client-secret"| awk -F: '{print $2}'|awk -F\" '{print $2}'`; echo "The client access-token is: " ${ACCESS_TOKEN};
The client access-token is: eyJhbGciOifgfgffd......
Here I am getting Access token successfully.
Note- I used idp-client-id & idp-client-secrent as it is & it worked fine. FYI I dont know old Client ID & secrets.
Viya SIte - https://sasviyxxx.xxxxglobal.xxxx.com
We don't have access to this site & as Azure AD team using above site at their end, I tried to register this site at my end.
But in the 3rd step only, I am not getting any access token as shown below.
[sas@zneuxxxx34 sas_viya_playbook]$ ACCESS_TOKEN=`curl -skX POST "https://sasviyxxx.xxxxglobal.xxxx.com/SASLogon/oauth/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=client_credentials" \
-u "idp-client-id:idp-client-secret"| awk -F: '{print $2}'|awk -F\" '{print $2}'`; echo "The client access-token is: " ${ACCESS_TOKEN};
The client access-token is:
[sas@zneuxx34 sas_viya_playbook]$
Here No access token generated.
Fyi - we don't have access to - https://sasviyxxx.xxxxglobal.xxxx.com
When I tried to access above site, it is throwing error- Site cannot be reached & ....server IP address could not be found.
Query:
How can I get the access token for ....global.xxx.com site which is used at Azure side for testing connectivity?
Is this ...global.xxx.com should be accessible from my Virtaul machine then only I can get access token?
I saw one email in which old Admin asked AD team to test the ..global.xxx.com site by providing access token in the email.And that's why I guess AD team is using Global website instead of ..xxxweb.xxx.com.
Could you please help me on this?
Thanks
RaviSPR
Thank You all.
Yes. idp-client-id & idp-client-secret were used as it is while creating tokens.
Finally the issue is resolved by updating the Certificate in Azure portal which was used for updating SSL certificates on SAS Viya.
@gwootton covers most everything you need. A couple of follow up notes.
Join us for SAS Community Trivia
SAS Bowl XLVIII, All Things Models
Wednesday, February 19, 2024, at 10:00 a.m. ET | #SASBowl
Join us for SAS Innovate 2025, our biggest and most exciting global event of the year, in Orlando, FL, from May 6-9. Sign up by March 14 for just $795.