My Oracle Support Banner

OIM Request Approve/Reject REST API Failing For Parallel Approvals: Checking if user <<USER_ID>> can perform action VIEW_TASK failed (Doc ID 2622342.1)

Last updated on DECEMBER 20, 2019

Applies to:

Identity Manager - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Symptoms

Custom UI for management of approvals. There is a business requirement in which the Create Role request needs to go through a series of parallel role approvals (1 or more) followed by a serial role approval. Developed a custom SOA composite for this requirement and is deployed on SOA servers.

From the OIM UI, the approvals/rejections are working as expected and the role is getting created correctly. 


From custom UI, invoking the following API:

HTTP Method: PUT
URL: https://<LB_URL>/iam/governance/selfservice/api/v1/requests/{reqID}
Headers: Accept & Content-type : application/json, Authorization : sso token.
Body:
{
  "requestId": "872003",
  "action": "approve"
}

This API is working for approval from one role and then other roles are unable to approve. Getting the following error in the SOA server logs:


< getTaskDetailsById: error: User is not allowed to see the task details. token = <> ctxUser = <> taskId = <>>
< VerficationService.checkOrLogUserTaskAction: Checking if user <> can perform action VIEW_TASK failed. Task Details: Task Id: <> State: null AssigeeUsers: [] AcquiredBy: null Permitted actions are: [] Roles played by user:[PUBLIC]>

The same user can perform the action correctly using OIM UI.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.