Hello,
I am attempting to validate that SCIM can be configured with the correct properties for my Auth0 application. When attempting to follow the Provision steps in the Self-Service SSO SCIM configuration, I am getting a Forbidden “SystemForCrossDomainIdentityManagementCredentialValidationUnavailable” message from Entra when I try to configure the provisioning connection of my enterprise application.
I am getting a “You appear to have invalid credentials” error message. I am currently using my tenant’s default {tenant-name}.onmicrosoft.com domain.
I am trying to configure a test Azure Entra ID tenant environment to provision users using SCIM using a generated ticket. Following the steps with the Self-Service SSO, I was able to create a connection in Auth0 no problem that is connected to an App registration I created in Azure, which I can see matches the connection ID in the SCIM Endpoint URL in Auth0. I have also added ?aadOptscim062020 as a query param.
I have generated a bearer token for this endpoint; however, when I try to test the connection I get the above error. I have followed the steps in Inbound SCIM for New Azure AD Connections and validated the following:
- Ensure that User ID Attribute Type is set to User Object Identifier (oid) and Use Common Endpoint toggle is Disabled.
- Sync user profile attributes at each login is disabled.
- SCIM attribute containing the User ID setting is set to externalId.
- All scopes have been enabled for our SCIM endpoint in the generated ticket.
- None of the applications were enabled despite putting the client ID, but I've enabled all applications for the connection JIC.
- I've tried deleting and then regenerating the Bearer token multiple times and testing the same connection multiple times.
Any advice for getting this SCIM Provisioning working?