have no error info when call servicenow token api via logstash - logstash

have no error info but failed when call servicenow token api via logstash. It was working in postman.error info pic
postman pic
configuration file pic
any dalao know how to fix it please?

Related

Authorization failed when trying to log into AWS using SSO using internal Azure Platform

I am trying to use an AWS single sign on script from my company to log into aws using the internal Azure Platform. When trying to log into the platform using SSO, I receive the following error messages:
Logging in to Azure AD...
Please enter your username(email address): test#company.com
Please enter your password: ********
Login failed: Authorization failed, please activate company's VPN.
The logs of the sso script show me this information:
2022-07-11 11:57:42,042 auth_with_adfs 207 | DEBUG | loginMessage: Authorization failed
2022-07-11 11:57:42,042 log_in_to_aad 174 | ERROR Login failed: Authorization failed, please activate your company's VPN.
I have activated the VPN so that is not the issue.
By looking at the internals of the files that raise those errors I found out that during the failed login process the login page for the Microsoft Office 365 Identity Platform is returned.
The login webpage tells me that I receive the following error when logging in with my credentials:
Error details: MSIS7012: An error occurred while processing the request. Contact your administrator
My POST request seems to be redirected with a 302 code and GET the login page with a 200 OK response.
So I can tell that I get stuck during the login process and according to the error message it is an authorization issue. My credentials are correct so I am wondering what needs to be changed here to get correct access? Is there some permissions missing I should have a closer look at? Do I need to make changes in AzureAD somehow?
Thanks in advance for looking into this, I know the information is sparse but I hope it is enough.

Microsoft.graph getting compacttoken parsing failed with error code: 80049217 error

I am trying to use Microsoft.Graph to access the onedrive files. I am referring to the sample provided on GitHub link
https://github.com/OneDrive/onedrive-texteditor-js
in this sample while getting the file link(CreateLink). I am getting following error
{"error":{"code":"InvalidAuthenticationToken","message":"CompactToken parsing failed with error code: 80049217","innerError":{"date":"2022-03-21T12:49:24","request-id":"45725ccf-a752-45c3-8208-9040e4177e4b","client-request-id":"45725ccf-a752-45c3-8208-9040e4177e4b"}}}
Do I need some subscription to do this setting or am I missing anything?
Is there any other setting is required to resolved this access issue?
Is there any other way of getting the sharelink of onedrive file?
What I have tried:
I have given API Permissions in Microsoft azure application of which I have used the applicationId in request. I have found one URL: https://learn.microsoft.com/en-us/azure/app-service/scenario-secure-app-access-microsoft-graph-as-user?tabs=azure-resource-explorer%2Cprogramming-language-csharp.
(Configure App Service to return a usable access token) But I could not find this setting in my azure application.
Please check below 2 steps to diagnose the problem,
1.Login into https://developer.microsoft.com/en-us/graph/graph-explorer , Hit the same API and check access token on jwt.ms and make sure you have required permissions to perform.
2.Also check your token expiry time (exp), might be it got expired. Go to jwt.ms to check token details, check the attached image to see where you find token exp_time.
If the token got expired ,please follow the docs to get new token.

Error 403 Forbidden when connect to Microsoft Defender API using Filebeat

I am trying to connect to Microsoft Defender API using Elastic Filebeat. I followed the instructions here register a new application with granted permission.
Create app for Microsoft Defender
However, when trying to call the api, i encountered this message:
Error while processing http request: failed to execute http client.Do:
server responded with status code 403:
{"error":{"code":"Forbidden","message":"The application does not have
any of the required application permissions (Alert.ReadWrite.All,
Alert.Read.All, Incident.ReadWrite.All, Incident.Read.All) to access
the resource.","target":}} {"input_source":
"https://api.security.microsoft.com/api/incidents", "input_url":
"https://api.security.microsoft.com/api/incidents"}
Can anyone assist me on this ?
EDIT: Added JWT token screenshot for reference if needed
JWT decoded screenshot
Your token lacks permissions, you need to use the client credential flow to obtain the token:
Parse the token:

404Resource Not Found postman post request for speech to text REST API

I tried to use REST API azure cognitive services for speech to text transcription. The resource is created on azure portal with key and endpoint (https://westeurope.api.cognitive.microsoft.com/sts/v1.0/issuetoken)
When I try to create POST request from postman for some audio file form file system I got the error
**404Resource Not Found **
Using Postman I defined URL https://westeurope.api.cognitive.microsoft.com/sts/v1.0/issuetoken/v1?language=de-DE&format=detailed
and created the parameters for language and format
In HeadersI added values for
Ocp-Apim-Subscription-Key:....
Accept:application/json;text/xml
Content-Type: audio/wav;codecs=audio/pcm;samplerate=16000
And in Body I selected binary option and find audio file in folder but after that got error 404?
Is there any missing step in preparing the request for an audio file?
Here are screenshots of steps what I did:
1.
3.

error on sending skype BOT messges

I have obtained the access token via https://login.microsoftonline.com/common/oauth2/v2.0/token and with that token tried to send a message using this url https://apis.skype.com/v3/conversations/conversationId/activities/. But i am getting this error "401: The provided 'OAuth' ticket failed authentication.".
What could be the issue here

Resources