Error when configuring SCIM Gateway
Attempting to post the following to AddSCIMGateway
{
"DisplayName":"SCIM Gateway",
"Comment":"",
"Extended":{
"Address":"http://40.118.23.253:59991/IdentityBroker",
"Audience":"",
"Tenant":"https://unifyb2cworkshop.onmicrosoft.com/",
"UserIdLookupField":"upn",
"UsersMappings":{
"AdapterId":"df97e04e-4d4c-475e-bf89-8a6c3f1b66d3",
"Mappings":{}
},
"GroupsMappings":{
"AdapterId":"e7db372f-a14d-4fdc-909b-2406b8b3f874",
"Mappings":{}}
}
}
Receive the following Error Response. Thanks in advance!
{
"Message": "An error has occurred.",
"ExceptionMessage": "Response status code does not indicate success: 404 (Not Found).",
"ExceptionType": "System.Net.Http.HttpRequestException",
"StackTrace": " at System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode()\r\n at Microsoft.Owin.Security.ActiveDirectory.WsFedMetadataRetriever.GetSigningKeys(String metadataEndpoint, TimeSpan backchannelTimeout, HttpMessageHandler backchannelHttpHandler)\r\n at Microsoft.Owin.Security.ActiveDirectory.WsFedCachingSecurityTokenProvider.RetrieveMetadata()\r\n at Microsoft.Owin.Security.ActiveDirectory.WsFedCachingSecurityTokenProvider..ctor(String metadataEndpoint, ICertificateValidator backchannelCertificateValidator, TimeSpan backchannelTimeout, HttpMessageHandler backchannelHttpHandler)\r\n at Owin.WindowsAzureActiveDirectoryBearerAuthenticationExtensions.UseWindowsAzureActiveDirectoryBearerAuthentication(IAppBuilder app, WindowsAzureActiveDirectoryBearerAuthenticationOptions options)\r\n at Microsoft.SystemForCrossDomainIdentityManagement.WebApplicationStarter.ConfigureApplication(IAppBuilder applicationBuilder)\r\n at Microsoft.Owin.Hosting.Engine.HostingEngine.Start(StartContext context)\r\n at Microsoft.SystemForCrossDomainIdentityManagement.Service.Start(Uri baseAddress)\r\n at Unify.Product.IdentityBroker.SCIMGateway.StartGateway()\r\n at Unify.Product.IdentityBroker.GatewayBase.Start()\r\n at Unify.Product.IdentityBroker.GatewayNotifierDecorator.Start()\r\n at Unify.Product.IdentityBroker.GatewayRepository.AddAndStart(IOperationalGateway gateway)\r\n at Unify.Product.IdentityBroker.GatewayEngine.<>c__DisplayClass31_0.<ConfigurationChange>b__0()\r\n at Unify.Framework.ExtensionMethods.WaitOnMutex(Mutex mutex, Action work)\r\n at Unify.Framework.Notification.NotifierDecoratorBase.Notify(ITaskNotificationFactory notificationFactory, Action action)\r\n at Unify.Product.IdentityBroker.GatewayEngineNotifierDecorator.Add(IGatewayConfiguration gateway)\r\n at Unify.Product.IdentityBroker.GatewayEngineAuditingDecorator.Add(IGatewayConfiguration gateway)\r\n at Unify.Product.IdentityBroker.GatewayController.InnerAddGateway[T](GatewayApiInformation`1 gatewayInformation, Guid gatewayId, XElement extended)\r\n at Unify.Product.IdentityBroker.GatewayController.AddSCIMGateway(SCIMGatewayApiInformation gatewayInformation)\r\n at lambda_method(Closure , Object , Object[] )\r\n at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ActionExecutor.<>c__DisplayClass10.<GetExecutor>b__9(Object instance, Object[] methodParameters)\r\n at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ExecuteAsync(HttpControllerContext controllerContext, IDictionary`2 arguments, CancellationToken cancellationToken)\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at System.Web.Http.Controllers.ApiControllerActionInvoker.<InvokeActionAsyncCore>d__0.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at System.Web.Http.Controllers.ActionFilterResult.<ExecuteAsync>d__2.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at System.Web.Http.Filters.AuthorizationFilterAttribute.<ExecuteAuthorizationFilterAsyncCore>d__2.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at System.Web.Http.Filters.AuthorizationFilterAttribute.<ExecuteAuthorizationFilterAsyncCore>d__2.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at System.Web.Http.Dispatcher.HttpControllerDispatcher.<SendAsync>d__1.MoveNext()"
}
Customer support service by UserEcho
I am seeing the same error, two years later.
Could you please provide more information for the root cause of this error?
Hi Adrian,
I've added you to the comments that Adam Bradley made regarding configuration. His issue seemed to be related to an incorrect Address / Audience / Tenant configuration, hence the ticket was marked as 'Not a Bug'.
If you're still having issues, please attach your config.
Thanks. Summary for anyone seeing this error in the future:
1. Get the Audience GUID from Azure Portal following Adam Bradley's instructions at the bottom of this page: https://voice.unifysolutions.net/knowledge-bases/7/articles/3332-scim-gateway
2. The Tenant is the hostname (no https:// prefix) of the Azure instance (e.g. m365x123456.onmicrosoft.com)
3. The User ID Lookup Field can be "[DN]" to use the user object DN, or any other field without square brackets e.g. "upn"