EntraID aggregation leading to an error

Identity Security Cloud (ISC) ISC Discussion and Questions
,
1

Hello there,

We are using several sources for different population on EntraID: Guests, Admins, and now standart Users. (connector: Azure Active Directory)
However, when agregating we get the following error:

Exception occurred in Iterate Objects - populateRiskyUsersDetails. Error message - Exception occurred in processReadRequest. Error - Exception occurred while trying to receive data from Server. Number of retries exceeded.You cannot perform the requested operation, required scopes are missing in the token.

I checked on IQService log, but token is of course encrypted.

The filter used:

(userType eq ‘Member’) AND NOT (startswith(displayName,‘Admin’))

On other sources we manage to aggregate the Guest accounts, and the Admin accounts. So we know that the account has the right access.

image
image835×646 134 KB

Has anyone got the same error?
How did you debug this?

2

Remove these attributes from your account schema and try aggregation again.

image
image915×278 6.35 KB

3

Hello there,
Thank you for your answer.
I’ll try it and get back to you. :slight_smile:

4

It worked, we no longer have the error on the missing scope.
Thank you for your help.

We mow need to solve the new one. ^^’

image
image783×195 7.26 KB

I’ll check the connector doc to see if there is anything on it.

[EDIT] Had to remove attribute manager to make it work with advanced filters as to documentation:https://documentation.sailpoint.com/connectors/microsoft/entra_id/help/integrating_entra_id/aggregation_settings.html