Error during invocation of SCIM API

This topic has 0 replies, 1 voice, and was last updated 4 months ago by praveenpasi.

  • Author
    Posts
  • #28413
     praveenpasi
    Participant

    Hi,
    We are using ForgeRock 6.5.3 & are evaluating the SCIM support available in ForgeRock for users & roles sync between ForgeRock and Oracle IDCS.
    I am following the ForgeRock doc link https://backstage.forgerock.com/docs/idm/6.5/samples-guide/#chap-sync-with-scim for my reference.
    When I invoked the below REST API that initiates the reconciliation process we are getting the below error.

    INFO: Reconciliation failed. SOURCE_IGNORED: 0 FOUND_ALREADY_LINKED: 0 UNQUALIFIED: 0 ABSENT: 0 TARGET_IGNORED: 0 MISSING: 0 ALL_GONE: 0 UNASSIGNED: 0 AMBIGUOUS: 0 CONFIRMED: 0 LINK_ONLY: 0 SOURCE_MISSING: 0 FOUND: 0
    [161] Jan 06, 2021 9:18:43.095 PM org.forgerock.openidm.sync.ObjectMapping doRecon
    SEVERE: doRecon failed: Invalid credential has been provided to operation QUERY for system object
    org.forgerock.openidm.sync.SynchronizationException: Invalid credential has been provided to operation QUERY for system object
    at org.forgerock.openidm.sync.ReconTypeBase.query(ReconTypeBase.java:261)
    at org.forgerock.openidm.sync.ReconTypeByQuery.querySource(ReconTypeByQuery.java:50)


    Caused by: org.identityconnectors.framework.common.exceptions.InvalidCredentialException: 401: Unauthorized
    at org.forgerock.openicf.connectors.scim.client.ScimClient.query(ScimClient.java:394)
    at org.forgerock.openicf.connectors.scim.ScimConnector.executeQuery(ScimConnector.java:314)
    at org.forgerock.openicf.connectors.scim.ScimConnector.executeQuery(ScimConnector.java:67)
    at org.identityconnectors.framework.impl.api.local.operations.SearchImpl.rawSearch(SearchImpl.java:162)

    Before inovking the REST API that starts the reconciliation I have done the below steps.
    1.I have created the OAuth application in IDCS & have configured the OAuth details like clientId,clientSecret & SCIMEndpoint in …openidm/samples/sync-with-scim/conf/provisioner.openicf-scim.json file
    2.Verified that the REST API curl –header “X-OpenIDM-Username: openidm-admin” –header “X-OpenIDM-Password: openidm-admin” –request POST “http://idmhost:idmport/openidm/system?_action=test” returns ‘Ok:true’
    3.Invoked the REST API curl –header “X-OpenIDM-Username: openidm-admin” –header “X-OpenIDM-Password: openidm-admin” –request POST “http://idmhost:idmport/openidm/recon?_action=recon&mapping=systemScimAccount_managedUser&waitForCompletion=true” that initiates the reconciliation

    Above error is observed in logs after invoking the REST API in step-3

    Regards,
    Praveen

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

©2021 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?