Question

SCIM Configuration IFSCloud - Azure AD

darshana
Rank
Userlevel 2
Badge +6

Hi Team,

We encountered an issue while we are provisioning Microsoft azure application to an IFS Cloud installation. 

I am not sure if it even works in 22R2 or if we need to upgrade to 23R1.?

Can someone please confirm it. Please 

https://docs.ifs.com/techdocs/22r2/030_administration/010_security/025_scim/010_scim_configuration_example/

Thanks,

Darshana pathum

 

10 replies

Anil Dubey
Rank
Userlevel 3
Badge +6

@darshana : I can confirm you that SCIM Configuration with Azure AD is working fine for us on 22R2. We have implemented it for several customers and in various use place environments

You can share the issue you are facing,  I will try to answer you

darshana
Rank
Userlevel 2
Badge +6

I will back to you soon with further information 

D
Rank
Userlevel 2
Badge +7

Hi @Anil Dubey

attempting SCIM but always get error 400 {"schemas":["urn:ietf:params:scim:api:messages:2.0:Error"],"scimType":"noTarget","detail":"No matching filter value found.","status":"400"}

support ticket resulted in a fix in 23.2.2 - 23R2 SU2 which is applied now, however, still same error.

We used to sync via AD, database has been upgraded to IFS Cloud version. Any tips?

Thanks, much appreciated.

Dominik

Anil Dubey
Rank
Userlevel 3
Badge +6

Hi @dominikdurrer ,

 

Could you please regenerate the SCIM Offline Token and check again

In case if you still face the issue, send the attribute mapping screenshot + full error text

 

Regards,

Anil

 

 

D
Rank
Userlevel 2
Badge +7

Hi @Anil Dubey 

SCIM Offline Token I had to regenerate after the upgrade as the old one seems to have been invalidated.

Error message:

Failure

Action

Update

UPN

alvaro.morata@emhartglass.com

Type

urn:ietf:params:scim:schemas:extension:enterprise:2.0:User

Details

Error code

SystemForCrossDomainIdentityManagementServiceIncompatible

Error message

StatusCode: BadRequest Message: Processing of the HTTP request resulted in an exception. Please see the HTTP response returned by the 'Response' property of this exception for details. Web Response: {"schemas":["urn:ietf:params:scim:api:messages:2.0:Error"],"scimType":"noTarget","detail":"No matching filter value found.","status":"400"}

Mapping attached, customization was done for WORK (tried also work) as address ID type which we used.

 

Thanks a lot

Dominik

Anil Dubey
Rank
Userlevel 3
Badge +6

Hi @dominikdurrer ,

 

Can you do below changes (together or one by one) and let me know if it is working or not

  • use accountEnabled (microsoft attribute) for active (customappsso attribute)
  • remove preferredlanguage from the mapping
  • use physicalDeliveryOfficeName (microsoft attribute) for address.formatted (customappsso attribute)
  • remove externalid from the mapping

This are the troubleshooting steps to understand which attribute mapping is causing the error. Once, you know which one is the root cause, we can see what is the solution for it

 

Regards,

Anil

D
Rank
Userlevel 2
Badge +7

Hi @Anil Dubey 

appreciate your feedback very much. Tried all one after the next, all together still not working.

Best regards

Dominik

Anil Dubey
Rank
Userlevel 3
Badge +6

Hello @dominikdurrer ,

Its not normal that it is not working with some of the standard attributes. Unfortunately, we cant do further troubleshooting via this channel

Now, the next best step is to see this issue with IFS cloud ops team via ticket

 

Once you fix it, do let us know the root cause :)

All the best!

 

Regards,

Anil

 

 

D
Rank
Userlevel 2
Badge +7

Hi @Anil Dubey

I managed it in the end. You are right, standard attributes don’t really work. deleting all user mapping and starting fresh with just the bare minimum did the trick.

Index - Technical Documentation For IFS Cloud

Still not yet understood how I can control the address ID, and struggle with phone numbers, but step by step.

Dominik

Anil Dubey
Rank
Userlevel 3
Badge +6

its a great news finally @dominikdurrer 

all the best for the next steps!

Reply


Terms & ConditionsCookie settings