Jump to content

Contact Import Utility


Recommended Posts

Hi, 

Seem to be struggling with hornbill contact import utility

Followed all the relevant instructions but seem to be coming across a keysafe related error. the below is what is in the relevant wiki link. has anyone experienced similar issues. i assume either the below or the config file may need tweaking, just not sure what im missing.  

Link: https://wiki.hornbill.com/index.php?title=SQL_Contact_Import

API Key Rules

  • admin:keysafeGetKey
  • admin:portalSetContactAccess
  • data:entityAddRecord
  • data:entityBrowseRecords2
  • data:entityUpdateRecord
  • system:logMessage
  • apps/com.hornbill.core/Contact:changeOrg
  • apps/com.hornbill.servicemanager/ContactOrgRequests:changeOrgRequestSetting
  • apps/com.hornbill.servicemanager/ServiceSubscriptions:add

Below is the error i receive

2024/04/15 13:49:23 [ERROR] API call to retrieve key information from Keysafe failed: The API key being used does not have permission to access this keysafe record

Link to comment
Share on other sites

I'm not sure why you've posted the API Key rules - these are APIs that the API Key can be used to access. They have nothing to do with the KeySafe.

The error is stating that the API Key (i.e. the User the API Key is generated against) does not have permission to access the KeySafe record that you have specified in the config - either they do not have a relevant role or the record itself is limited to specific Users.

Link to comment
Share on other sites

thanks steve, in which case are you aware what could be the issue.

 

api key simply has the aforementioned rules as per wiki

image.png.b155bb244ebe5c4f9284f2a7fc933901.png

subsequently in key safe area, i simply associated the relevant api key, added the instance id etc as normal

image.png.18848247189e3acc0dec7a300637732f.png

followed relevant OBD steps but get the error. i just figured i may not be the only one. any thoughts? before using an hourly credit we have i thought would try support and community forum first to see if could get anywhere with it as i have simply followed the step by step process

Link to comment
Share on other sites

Hi @ilyaas, could you please confirm that you have indeed used the API Key which is behind "contact import 2". If not, then add the API Key which you are using to that same list.

Link to comment
Share on other sites

Hi Sam, 

Yes used the same api key associated to "contact import 2" just checked it again to be sure and it is definitely the same. 

i vaguely recall previously it was either permissions as mentioned earlier or we amended the config file outside the standard to make it work.

Link to comment
Share on other sites

1 hour ago, ilyaas said:

System administrator so full admin rights. 

I'm slightly confused here, there is no Role called "System Administrator" - there is a "Super User" role but this does not mean it ignores the Security model.
The default Admin User is called "System Administrator" but likewise this does not automatically mean it has access to everything on the system.
More importantly, neither the System Administrator User nor the "Super User" Role (if that's the role you meant) should be used for anything except recovering from a catastrophic issue - e.g. your SSO config has broken and System Administrator is the only User who can use Direct Login.

Link to comment
Share on other sites

Thanks Steve.

Can you advise which roles are required in order to make this process work. i will select one of the admins and ensure they have the appropriate rights. feel free to list whatever is required to make this work and i will follow the relevant process.  

i would assume there is maybe a role already available? if not let me know the relevant details and i can create one to complete this scenario.

Link to comment
Share on other sites

@ilyaas,

Could it be that the KeysafeKeyID in the configuration file is set as a string instead of an integer?

"KeysafeKeyID": "123"

whereas it should be:

"KeysafeKeyID": 123

Note the missing set of double-quotes.

I'm going by the source-code of the utility here and not by confirming it separately.

Link to comment
Share on other sites

  • 4 weeks later...

Hi Sam,

Not sure although we have a new developer here so i had him create a process using the API which worked out better so used this method instead.

ilyaas

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...