000037520 - Troubleshooting Web Services in RSA Identity Governance & Lifecycle

Document created by RSA Customer Support Employee on Jun 6, 2019
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000037520
Applies ToRSA Product Set: Identity Governance & Lifecycle
RSA Version/Condition: 7.0+

Check the following:

  1. In the RSA Identity Governance & Lifecycle user interface, go to the Admin > Web Services page.

  • Check to see if the Web Services Interface is ON or OFF.
  • The Web Services Interface must be set to ON to enable the use of Web Services and the mobile app.

  1. Validate the command you are attempting to run against the commands listed on the Admin > Web Services page.

  • If the command is not listed, it is either not available in the release, or it is disabled in the aveksa-plug-ins.xml file (which is located in the plug-ins/name of command handler/aveksa-plug-ins.xml file).

  1. Validate the method you used.

  • For example: POST
  • Some commands need to be sent via POST. See the documentation for this specific command on the Admin Web Services page.

  1. Validate the URL you used.

  1. Validate the body content you sent.

  • For example: <username>kathy</username><password>Password would go here but please do not include it</password>
  • On the Admin > Web Services page, check the documentation for this specific command. This will list the requirements for the command. In particular, note any required parameters, and check the Security section. Some commands need to be invoked from an allowed IP address. Others require a token, or require a token associated with an admin user.

In the event that the steps above have not resolved the issue, please contact RSA Customer Support.  Please have  responses to the questions below, along with a comprehensive description of the problem when you contact us.


Additional Questions for Support:

  1. If the URL includes a token (for example, if you see &token= in the URL), does that token work for other commands?
  2. If the URL includes a token, do other tokens work for this command?
  3. On the Admin > Web Services page, what is the complete list of IPs allowed to invoke web services?
  4. Does the command work if you invoke it from another IP address?
  5. Do other commands work?
  6. Does the problem occur consistently (every time), or intermittently?
  7. If the problem occurs intermittently, is there any distinguishable pattern between successes and failures?

  • For example: if it fails on every other run, fails at certain times of the day, fails on certain types of actions but not others, etc. 

  1. Please provide the complete response sent back by the server, including both response header and response body.
  2. What version and patch level  of RSA Identity Governance & Lifecycle  are you running? What platform?
    • For example: Server Version:, Database Version:, no patches       
  3. On the Admin > System > Settings page, what are the settings for the web services session?
    • For example: Session inactivity timeout: 10 minutes, Session lifetime timeout: 120 minutes
    • Tokens can and will expire. You may need to get a new one (from the loginUser command).       
  4. Does the command work if you invoke it with HTTP (instead of HTTPS)?

  • Note that certain web services require that you use HTTPS by default. However, this can be disabled if you go to Admin > System and ensure that Require secure connections is set to No.
ResolutionSee Tasks.