1

I have a web application that exposed an SCIM api endpoint. Then I used Azure AD SCIM validator to validate my SCIM endpoint. Azure AD needs a token to be able to connect to my app.

Problem is I generate Oauth 2 token using postman, I use this token in SCIM validator but the token does not work. It always responds as Invalid Credentials.

The token when used with Postman works though.

Anybody encountered same problem? Any help is appreciated.

enter image description here

jetpack
  • 169
  • 1
  • 9
  • 1
    can you confirm how you're inputting the token? It should be just the Access Token (and not include `"Bearer "`) you can try this curl call and confirm if you get a response `curl -v "https://SCIM_ENDPOINT/Users/?filter=userName+eq+%22abc%22" --header "Authorization: Bearer TOKEN""` The response should be status 200 with a SCIM ListResponse of 0 Resources. – Peter Oct 05 '22 at 17:30
  • Im using access token without the `bearer`. If I use postman, the token works. I check the scim validator request URI. It sends request to `SCIM_ENDPOINT` which my app accepts. But after that, it sends request to `/error'...this is what is failing....I dont understand why scim validator sends this `/error` request – jetpack Oct 06 '22 at 02:01
  • Hi @Peter, I finally get it to connect!....Thanks for your suggestion....indeed Azure AD scim validator sends this request "https://SCIM_ENDPOINT/Users/?filter=userName+eq+%22abc%22".........the response was quite confusing but now I understand. Thank you. – jetpack Oct 06 '22 at 05:11
  • Hi @jetpack: I am having the same issue, could you please elaborate or give some details on what you di to get it fixed? Appreciate your help. – Sachin Apr 21 '23 at 20:28
  • Hi @Sachin. Just append `/Users` on your endpoint. That is what solved my problem. – jetpack Apr 25 '23 at 15:50
  • @jetpack: Thanks for responding back. I added /Users but now I am getting Invalid credentials! Please confirm if token is valid and try again. SCIM Endpoints should respond with HTTP OK (200), and SCIM JSON with header application/scim+json. Just a question: do you fill values for all attributes on second page? – Sachin Apr 25 '23 at 19:43
  • Sorry for late response, no I dont fill them all – jetpack May 09 '23 at 17:49

1 Answers1

-1

The way I resolve this is that the endpoint I put in the Scim Validator ends in /Users

example:

http://my-project/scim/v2/Users

in your case, maybe http://[scim endpoint]/Users

Previously, I just supply http://my-project/scim/v2 and I get an Invalid Credentials error....

jetpack
  • 169
  • 1
  • 9