When trying to make an web service call using Policy Xpress, defined in a PX Data Element, the following error occurs when testing the element:

Error: The test has failed to run with the following error: "Failed running web service" which was caused by "Internal Error."

The same call works via the PX Action tab vs. the Data tab.

The SOAP request is passing in a WSS security token and the code in the Data tab (vs Action tab) is unable to transform that token and thus considers it a bad request and throws the invalid error before dispatching the request to the web service.  The Action tab follows a different code path which has different transform functionality.

Support for web service tokens is being considered as a product enhancement for a future version of Identity Manager.

If using the currently supported authentications methods (anonymous and basic username/password) is not possible, a workaround is to utilize the CA API Gateway.  Add the necessary X509 cert into the SOAP body in the Gateway policy.  The Gateway will communicate to the web service, and the Policy Xpress data element connects to the Gateway, secured with username/password.

More information on CA API Gateway can be found here:

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/11-0.html