Error when provisioning user to AWS SSO

Win Sky 10 Reputation points
2023-01-27T00:03:01.0533333+00:00

Hi there,

I have an error when trying to provision a user from Azure AD to AWS SSO. The provisioning connection in Azure has been set up and tested OK; however, when I ran provisioning, I got the following error. Can anyone please help? Thanks,

Modified attributes (failed)

Data flow

Failed to create User '******@XXXXX.onmicrosoft.com' in AWSSingleSignon

Error code

SystemForCrossDomainIdentityManagementServiceIncompatible

Error message

StatusCode: BadRequest Message: Processing of the HTTP request resulted in an exception. Please see the HTTP response returned by the 'Response' property of this exception for details. Web Response: {"schema":["urn:ietf:params:scim:api:messages:2.0:Error"],"schemas":["urn:ietf:params:scim:api:messages:2.0:Error"],"detail":"Request is unparsable, syntactically incorrect, or violates schema.","status":"400","exceptionRequestId":"f6fa5ce5-3249-4cae-85ab-d392","timeStamp":"2023-01-26 23:56:24.432"}

| Target attribute name | Source attribute value | Expression | Original target attribute value | Modified target attribute value |
| --- | --- | --- | --- | --- |
| active | Not("False") | Not([IsSoftDeleted]) | | True |
| displayName | devops05 | [displayName] | | devops05 |
| userName | ******@XXXXX.onmicrosoft.com | [userPrincipalName] | | devops05@XXXXXX.onmicrosoft.com |
| externalId | 6c462b2b-c425-40f7-b052-3f64 | [objectId] | | 6c462b2b-c425-40f7-b052-3f64 |

Cassy

Answers
  1. Win Sky 10 Reputation points
    2023-01-27T02:47:57.84+00:00

    Hi there,

    I managed to resolve this issue by adding First & Last name of the AD user in the user properties.

    2 people found this answer helpful.

  2. Marilee Turscak-MSFT 37,206 Reputation points Microsoft Employee Moderator
    2023-01-31T23:10:00.6333333+00:00

    Hi Win Sky,

    Thank you for updating your post so quickly with your resolution.

    I'm glad that you were able to resolve your issue and appreciate you posting your solution so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others", I'll repost your solution in case you'd like to "Accept" the answer.

    Issue:

    You encountered an error when trying to provision a user from Azure AD to AWS SSO.

    Error: Failed to create User '******@XXXXX.onmicrosoft.com' in AWSSingleSignon

    Error code: SystemForCrossDomainIdentityManagementServiceIncompatible

    Error message: Request is unparsable, syntactically incorrect, or violates schema.

    Resolution:

    After adding the First and Last names of the Active Directory user in the user properties, the error was resolved.

    If you have any other questions or are running into more provisioning issues, please let me know. Thank you again for your time and patience throughout this issue.

    Please remember to "Accept the Answer" if any answer/reply accurately described the solution, so that others in the community facing similar issues can easily find the solution.

    1 person found this answer helpful.

  3. SAPTAK BANERJEE 0 Reputation points
    2024-08-23T11:52:35.72+00:00

    This error often occurs due to incorrect attribute mapping in the Provisioning section of the Enterprise Application within Entra ID.

    To resolve this issue, follow these steps:

    • Consult with the application vendor to obtain the required attribute mapping table.
    • Configure SCIM attribute mapping in Entra ID according to the provided table.

    Here's an example of a typical attribute mapping table: [image]

    By ensuring accurate attribute mapping, you can successfully integrate the application with Entra ID and avoid this error.

    Please mark it as "Accepted Answer", if it solves your problem.
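
The pre-flight check below is an added example, not code from this thread, Microsoft or AWS. It builds the SCIM user body from Entra ID attributes and lists which of the attributes that AWS's SCIM documentation marks as required for user creation (userName, displayName, name.givenName, name.familyName) are missing, which is the condition the first answer fixed and the mapping the third answer refers to. The givenName/surname mapping, the omission of unset attributes, and the sample users are assumptions.

```python
# Added example; REQUIRED follows AWS's SCIM documentation, MAPPING is assumed.
REQUIRED = ("userName", "displayName", "name.givenName", "name.familyName")

# Entra ID source attribute for each SCIM target. The first three rows are in
# the question's log; givenName/surname -> name.* is assumed (default mapping).
MAPPING = {
    "userName": "userPrincipalName",
    "displayName": "displayName",
    "externalId": "objectId",
    "name.givenName": "givenName",
    "name.familyName": "surname",
}

def build_scim_user(entra_user):
    """Build the SCIM 2.0 User body a provisioning client would POST."""
    body = {
        "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
        "active": not entra_user.get("IsSoftDeleted", False),  # Not([IsSoftDeleted])
    }
    for target, source in MAPPING.items():
        value = entra_user.get(source)
        if value in (None, ""):
            continue  # assumption: unset source attributes are omitted
        *parents, leaf = target.split(".")
        node = body
        for parent in parents:
            node = node.setdefault(parent, {})
        node[leaf] = value
    return body

def missing_required(scim_user):
    """Return the required attribute paths that are absent or blank."""
    missing = []
    for path in REQUIRED:
        node = scim_user
        for part in path.split("."):
            node = node.get(part) if isinstance(node, dict) else None
        if not isinstance(node, str) or not node.strip():
            missing.append(path)
    return missing

# Constructed sample users (not the poster's data).
USER_AS_POSTED = {"userPrincipalName": "devops05@example.onmicrosoft.com",
                  "displayName": "devops05", "IsSoftDeleted": False,
                  "objectId": "00000000-0000-0000-0000-000000000000"}
USER_FIXED = dict(USER_AS_POSTED, givenName="Dev", surname="Ops")

if __name__ == "__main__":
    for label, user in (("as posted", USER_AS_POSTED), ("fixed", USER_FIXED)):
        print(label, "-> missing:", missing_required(build_scim_user(user)))
```

Running the same check over an export of the users in provisioning scope shows which accounts would be rejected before the sync cycle attempts them.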
