• State Suggested Answer
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 93 subscribers
  • Views 189 views
  • Users 0 members are here
Options
Related

Not able to UPDATE UCIUser after its created using SCIM Connector

OneIdentity_Dev
5 months ago

Hi Team,

I created a new SAP BTP connector using SCIM connector.

I am facing two issues:

1) Issue while updating UCIUser:

Creation of User and sync to target is working.

But when I do any update of column for the same user, the Ad-Hoc job (UCI_UCIUser_Update) is failing with error message:

ErrorMessages (2023-11-01 10:54:04.603) [1777018] Error executing synchronization project (SAP BTP)'s workflow (Provisioning).
[1777124] Error executing projection step (User) of projection configuration (Provisioning (Provisioning)).
[1777219] Error executing synchronization step (User)!
[1777004] Method (Insert object (Insert)) could not be executed successfully.
[System.Exception] receiving data: {"schemas":["urn:ietf:params:scim:api:messages:2.0:Error"],"detail":"Failed to create entity. HTTP operation failed invoking api.1234.hana.ondemand.com/Users with statusCode: 409 and response: {\"error_description\":\"Email already in use: talha.Kocoglu@test.com\",\"error\":\"scim_resource_already_exists\",\"message\":\"Email already in use: talha.Kocoglu@test.com\"}","status":409}
sending data: {
"active": true,
"userName": "talha.Kocoglu@test.com",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"department": "133512345",
"employeeNumber": "1068437"
},
"displayName": "Kocoglu Talha",
"emails": [
{
"value": "talha.Kocoglu@test.com"
}
],
"name": {
"familyName": "Kocoglu",
"formatted": "Kocoglu, Talha",
"givenName": "Talha"
},
"title": "test",
"locale": "nl_NL",
"preferredLanguage": "nl-NL",
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
]
}
Creating POST request using URI https://abcdef.com/ipsproxy/service/api/v1/scim/b12ee6d5-12f1-12f1-bf12-9f57ff12345/Users

I checked the workflows, its looking perfect. From Postman, PUT is working for User update. Any idea how to fix this ?

2) Issue while assigning Users to Groups:

When a group is assigned to a group job UCI_UCIGroup_Update gets triggered.

It gets frozen with below error

ErrorMessages (2023-11-01 10:27:32.073) [1777018] Error executing synchronization project (SAP BTP)'s workflow (Provisioning).
[1777124] Error executing projection step (Group) of projection configuration (Provisioning (Provisioning)).
[1777219] Error executing synchronization step (Group)!
[1777239] The mapping rule (vrtMember members~vrtIDandType) was unable to execute synchronization between system objects (AB_XX_ACCOUNT_DEVELOPER) and (AB_XX_ACCOUNT_DEVELOPER) successfully!
[System.InvalidOperationException] Map (User) is not able to create prototypes of (User (all)).

This is happening may be because the USER update is not working. Any Idea ?

  • 0 5 months ago

    What version of OneIM are you using?

    In addition, in Postman you say a PUT is working. But the connector was using a POST (which is correct according to the SCIM 2.0 specification). Does it work in Postman if you use a POST?


  • 0 5 months ago

    Hi,

    your first issue is because the Projector engine is firing an INSERT (POST instead of PUT) operation, SAP Cloud responses the user already exists.Usually this happens if a) your matching rules of user mapping are not able to find a newly created user or b) the GET operation  before the UPDATE does not return your newly created user. Having a look at your URL I assume your are using SAP IPS proxy supporting SCIM Version 1 only.

    --> https://abcdef.com/ipsproxy/service/api/v1/scim/b12ee6d5-12f1-12f1-bf12-9f57ff12345/Users

    One Identity SCIM connector supports SCIM Version 2 only.

    regards,

       Tino