guduru510
(Sravan Kumar guduru)
March 6, 2024, 9:37pm
1
Does the SCIM 2.0 connector sends create requests in two different calls ?
Create user request ( Once this is completed)
PUT Groups to add user to the group ( in our case we have set updateGroupsViaUsers to false)
Our Creation operation is failing with the below error message, even thought we have our provisioning policy is in place
openconnector.ConnectorException: Missing property in path $[‘patch’]
below is how our provisioning policy looks like for create user
703hardik
(Hardik Sharma)
March 7, 2024, 7:08am
2
Hello Sravan,
Welcome back to the Developer community!
Are you using any provisioning rules as well? If yes please attach that too. Also, attach the full error message that you are facing. The error you are getting might be because of the JSON path attached to the request.
P.S. The provisioning policy you attached is not visible.
guduru510
(Sravan Kumar guduru)
March 7, 2024, 2:05pm
3
Hi Hardik,
No i am not using any provisioning rules i am only using create provisioning policy, below is my create provisioning policy
<ProvisioningForms>
<Form name="Create-Policy" objectType="account" type="Create">
<Attributes>
<Map>
<entry key="pageTitle" value="Create-Policy"/>
</Map>
</Attributes>
<Section name="Create">
<Field name="id" type="string">
<Script>
<Source>return identity.getAttribute("corpId");</Source>
</Script>
</Field>
<Field name="userName" type="string">
<Script>
<Source>return identity.getAttribute("corpId");</Source>
</Script>
</Field>
<Field name="active" type="string">
<Script>
<Source>return true;</Source>
</Script>
</Field>
<Field name="meta.created" type="string">
<Script>
<Source>return "2017-06-03 09:25:16.0";</Source>
</Script>
</Field>
<Field name="meta.lastModified" type="string">
<Script>
<Source>return "2017-06-03 09:25:16.0";</Source>
</Script>
</Field>
<Field name="meta.version" type="string">
<Script>
<Source>return "8";</Source>
</Script>
</Field>
<Field name="meta.location" type="string">
<Script>
<Source>return "https://example.com/scim2/v1/test/Users/";</Source>
</Script>
</Field>
<Field name="meta.resourceType" type="string">
<Script>
<Source>return "User";</Source>
</Script>
</Field>
</Section>
</Form>
<Form name="Update-Policy" objectType="account" type="Update">
<Attributes>
<Map>
<entry key="pageTitle" value="Update-Policy"/>
</Map>
</Attributes>
<Section name="Update">
<Field name="id" type="string">
<Script>
<Source>return identity.getAttribute("corpId");</Source>
</Script>
</Field>
<Field name="userName" type="string">
<Script>
<Source>return identity.getAttribute("corpId");</Source>
</Script>
</Field>
</Section>
</Form>
</ProvisioningForms>
below is how the error message looks like in the logs
ERROR openconnector.connector.scim2.SCIM2RelaxConfigExecutor:172 - Error performing create operationopenconnector.ConnectorException: Missing property in path $[‘patch’]
703hardik
(Hardik Sharma)
March 7, 2024, 4:02pm
4
Two things:
Try removing the Update Policy and try to create a user you might not get patch error then.
Also ensure while creating provisioning policy you are using attribute names correctly.
for example in your policy I noticed
<Field name="userName" type="string">
<Script>
<Source>return identity.getAttribute("corpId");</Source>
</Script>
ensure the name field consists of the correct attribute name from the target application (case sensitive- so that there is no problem in mapping that attribute on the target application while provisioning) and inside your script use the correct identityiq attribute name
guduru510
(Sravan Kumar guduru)
March 7, 2024, 5:13pm
5
Hi Hardik,
I removed update provisioning policy and my attribute mapping seems to be correct but i am still getting the same error.
<ProvisioningForms>
<Form name="Create-Policy" objectType="account" type="Create">
<Attributes>
<Map>
<entry key="pageTitle" value="Create-Policy"/>
</Map>
</Attributes>
<Section name="Create">
<Field name="id" type="string">
<Script>
<Source>return identity.getAttribute("corpId");</Source>
</Script>
</Field>
<Field name="userName" type="string">
<Script>
<Source>return identity.getAttribute("corpId");</Source>
</Script>
</Field>
<Field name="active" type="string">
<Script>
<Source>return true;</Source>
</Script>
</Field>
<Field name="meta.created" type="string">
<Script>
<Source>return "2017-06-03 09:25:16.0";</Source>
</Script>
</Field>
<Field name="meta.lastModified" type="string">
<Script>
<Source>return "2017-06-03 09:25:16.0";</Source>
</Script>
</Field>
<Field name="meta.version" type="string">
<Script>
<Source>return "8";</Source>
</Script>
</Field>
<Field name="meta.location" type="string">
<Script>
<Source>return "https://example.com/scim2/v1/test/Users/";</Source>
</Script>
</Field>
<Field name="meta.resourceType" type="string">
<Script>
<Source>return "User";</Source>
</Script>
</Field>
</Section>
</Form>
</ProvisioningForms>
sreeram
(Sreeram N)
March 8, 2024, 6:37am
6
Hi @guduru510 ,
Could you please trace the workflow and attach it here?
guduru510
(Sravan Kumar guduru)
March 21, 2024, 12:54pm
7
i think it is an patch issue, when we upgrade from 8.2p3 to 8.2p6 it got resolved
guduru510
(Sravan Kumar guduru)
March 25, 2024, 6:39pm
8
i have an another question
my provisioning form looks like in the above one
but when i get the request at target system side it is looking like this
{"id":null,"schemas":["urn:ietf:params:scim:schemas:core:2.0:User"],"userName":"AAAA","groups":null,"active":true,"meta":null}"
even though i have mentioned id it is not coming through to target system
1 Like
system
(system)
Closed
May 24, 2024, 6:40pm
9
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.