0
Answered

SCIM gateway returns 401 Unauthorized HTTP status

Adrian Corston 3 years ago in UNIFYBroker Service updated by Beau Harrison (Senior Product Software Engineer) 3 years ago 4

I am setting up a SCIM gateway in UNIFYBroker, and it is returning a 401 (Unauthorized) error.

I have checked the Bearer token in the request header matches the Audience configuration in UNIFYBroker.

Do you have any suggestions what might be going wrong?

Obviously once this is working I will change the secret token shown above.

Images didn't load, trying again:

There is nothing relevant being written to the UNIFYBroker log at the Normal level.

Under review

The SCIM gateway expects the authorization header to be a JWT bearer token, not the raw audience. If the audience is configured in the gateway then the tokens audience must match that value to be valid. The same applies with tenant.

My memory if fuzzy on this, but I believe you need to not have anything set in the Secret Token value in the AAD application configuration. When you provide a value it uses that as the auth token, but if you don't it generates a default AAD one.

Is that audience UUID what you have set in the Secret Token? If so try removing it.

Thanks Beau, perfect - that worked.

Answered

Great. I've updated the documentation to include this information.