000037389 - Form control type 'Drop Down Select with Web Service' displays Unauthorized error in RSA Identity Governance & Lifecycle 7.1.1

Document created by RSA Customer Support Employee on Apr 24, 2019Last modified by RSA Customer Support Employee on Feb 14, 2020
Version 40Show Document
  • View in full screen mode

Article Content

Article Number000037389
Applies ToRSA Product Set: Identity Governance & Lifecycle
RSA Version/Condition: 7.1.1
IssueWhen designing a custom form in RSA Identity Governance & Lifecycle (go to Requests > Configuration > Request Forms tab> {Request form name} Fields > New > General tab), if the Control Type Drop Down Select with Web Service is used to return a response from a Web Service command as in the example below:

User-added image

the Admin API call returns the WebService Result response of Unauthorized.

User-added image

CauseThis is a known issue in RSA Identity Governance & Lifecycle 7.1.1 and has been reported in engineering ticket ACM-97280.

In RSA Identity Governance & Lifecycle 7.1.1, the RSA Admin API Web Service commands now require that a token be passed for authentication. The Control Type Drop Down Select with Web Service dialog does not currently have a method to pass a token to the Web Service command. 

More information on the token requirement can be found in the online Web Services documentation under Admin > Web Services > under Admin Commands > about:

The command expects the following parameters where a * denotes a required parameter:
token* - Session token, retrieved from loginUser. This token must be valid and unexpired.


This issue is resolved in the following RSA Identity Governance & Lifecycle versions and/or patch levels:

  • RSA Identify Governance & Lifecycle 7.1.1 P02
  • RSA Identity Governance & Lifecycle 7.2
The product now allows you to define granular access to specific Admin API Web Service commands without a token if they are called from a Request Form. In the user interface go to Admin > Web Services > Admin tab and select the Configure button for your Admin API command. Check the check box next to Request Forms and Workflows (no token) to allow access to this Admin API Web Services command without a token. 

User-added image