Share via

Operation: GET Response Status Code: InternalServerError

Tim Sobolev 5 Reputation points
2023-09-25T23:34:39.5433333+00:00

Hi, I keep getting this message email to me:

User's image

When I check the provisioning status page showing "not found" Error code 404.

Is there a way through powershell to look and see what Apps are still in the background and a way to remove them?

Microsoft Security | Microsoft Entra | Microsoft Entra ID
Microsoft Security | Microsoft Entra | Other
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. JamesTran-MSFT 37,226 Reputation points Microsoft Employee Moderator
    2023-09-26T20:57:58.9+00:00

    @Tim Sobolev

    Thank you for your post!

    Error Message:

    Operation: GET Response Status Code: InternalServerError.

    The target app returned an unexpected error. A service issue with the target application might be preventing it from working. This attempt is automatically retried in 40 minutes.

    I understand that you're receiving the above email and when checking your provisioning status page, you aren't able to find any relevant info due to a 404-error code. To hopefully help point you in the right direction and gain a better understanding of your issue, I'll share my findings below.

    Findings:

    Based off your error message, I wasn't able to find too much information regarding the Internal Server Error when it pertains to SCIM, but you should be able to check the following to see if any more information can be found.

    1. Provisioning logs to see if there are any errors or warnings related to the Internal Sever Error.
    2. The Enterprise Application's Provisioning page to view the current status and see any issues.
    3. The Application's Audit Logs to filter for and view any Failures.

    For more info - Provisioning log Error codes

    If you're still having issues, can you share some more info so I can gain a better understanding your issue:

    • Was everything working as expected previously?
    • Can you share any correlation IDs or time stamps that you're receiving with the error email?

    When it comes to managing your application, you can use the synchronization APIs in Microsoft Graph to manage identity synchronization programmatically, including:

    • Create, start, and stop synchronization jobs.
    • Make changes to the synchronization schema for jobs.
    • Verify the current synchronization status.

    If you'd like to work closer with our support team on this, please let me know. I'd be happy to enable a one-time free technical support request for your subscription so you can work with our support engineers to get this issue resolved.

    Additional Links:

    I hope this helps!

    If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.

    If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.

    0 comments
  2. Danny Zollner 10,816 Reputation points Microsoft Employee Moderator
    2023-09-26T22:58:47.2466667+00:00

    To answer the main question on how to find/stop this - look in the Enterprise Applications list for your Azure AD/Entra ID tenant and see if any of the applications there stand out as being named similarly to the URL that the error contains. I don't believe there is a way to list out all configured provisioning jobs in a tenant - any attempt to do that would require making a List Jobs call to MS Graph API for every service principal, or at least the ones that are Enterprise Apps - I'm not sure how that can be determined via MS Graph, however.

    For reference: https://learn.microsoft.com/en-us/graph/api/synchronization-synchronization-list-jobs?view=graph-rest-beta&tabs=http

    If you have too many AAD/Entra tenants for this to be feasible, if you open a support case via the Entra portal our support engineers may be able to help you locate the source of the error as well.

    Separately, to quickly cover the meaning of the actual error - Entra ID Provisioning is attempting to start a provisioning/sync cycle with the SCIM server at the base URL in the error message, but the server is returning a 500 series HTTP response - in this case, it looks like 500/Internal Server Error. The actual issue is with the SCIM server/app, not Entra.

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.