7,023 questions
The above issue is now resolved. Please validate if the request now works in your tenant.
Backend Issue with Active Directory API Driven Provisioning App ?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 64%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
Anthony Kersten
25
Reputation points
I am trying to use this JSON to push a user to the on premise active directory using the Enterprise Application called:
API-driven provisioning to on-premises Active Directory
When pushing any JSON to Provisioning API Endpoint, I will get this error:
{
"error": {
"code": "UnknownError",
"message": "",
"innerError": {
"date": "2023-10-05T14:28:10",
"request-id": "d00940ff-5eac-4c0f-97e0-5ca1610f4dfd",
"client-request-id": "cc5c39e0-2caa-20a1-610a-4e6e5779dc5e"
}
}
}
Schema on the App are the default schema. My expectations would be that the user would be created. There are No provisioning logs whatsoever.
Here is an example of the body:
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:BulkRequest" ], "failOnErrors": null, "Operations": [ { "bulkId": "86bdc432-c34e-44ab-8bcb-3e9f8a1fb409", "data": { "externalId": "400", "schemas": [ "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User" ], "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": { "employeeNumber": "400" } }, "method": "POST", "path": "/Users" } ] }
But even only specifying {} as the body will give the same error.
It seems that the ingestion doesn't work at all for the service.
The Provisioning agent is running on version: 1.1.1367.0
I've reinstalled the agent, created a new application. application has the neccesary API permissions. It actually worked two days ago and i've pushed around 20 users, exactly the same way. Microsoft says its in Private preview, and not supported.
Hopefully the community can help thanks a lot!
Windows for business Windows Client for IT Pros Directory services Active Directory
Microsoft Security Microsoft Entra Microsoft Entra ID
25,081 questions
Microsoft Security Microsoft Entra Other
2,589 questions
{count} vote
-
Anthony Kersten 25 Reputation points
2023-10-06T09:43:14.1266667+00:00 Invoke-RestMethod $provisioningapiendpoint -Method POST -Body $json -ContentType "application/scim+json" -Headers @{Authorization = "Bearer $accesstoken"} -
Anthony Kersten 25 Reputation points
2023-10-06T12:00:40.64+00:00 Ok, so there has been some progress here. The issue occurs on the tenant side, because the Entra ID provisioner gives the same error when going directly to Entra (no on premise AD). Now on a case with Microsoft. Updates will follow
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 87%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWL%3C/text%3E%3C/svg%3E)
Wouter Landuyt 5 Reputation points2023-10-06T16:59:08.2533333+00:00 I am receiving the same issue. Provisioning was working fine a week ago..
Keep us informed!
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous2023-10-06T23:00:31.3366667+00:00 I'm also receiving the exact samme status code (500) which seems to be an API endpoint connectivity issue - I'm now in a dialog with the Product Manager from the product team that are currently working on it.
So I tried following steps to reproduce the issue:
- Ran my http trigger in my logic app to call my HR-app
- Runs through all the steps without any errors (Parsing and preparing the bulkpayload from the master record in HR)
- Fails at the step where the payload is about to be send to the API endpoint (Provisioning app).
I thought maybe it was a problem related to the Logic App it self, but I did a quick comparison with the payload (output) from both the succeeded and the failed ones from the History tab in my Logic app, but the data output was exactly the same.
-
Anonymous
2023-10-06T23:22:26.5+00:00 Update for everybody:
- Microsoft deployed the bugfix and had not reached all tenants yet.
- It seems like it's connectivity issue from the API endpoint since I did several tests with both CSV2SCIM and by HTTP triggers which both failed immediately.
Sign in to comment
Accepted answer
-
Chetan Desai 1,066 Reputation points Microsoft Employee2023-10-07T02:36:16.6433333+00:00 -
Anthony Kersten 25 Reputation points
2023-10-09T07:24:31.4633333+00:00 Yes, the issue has been resolved. Thank you.
Sign in to comment -
2 additional answers
Sort by: Most helpful
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 35%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
Andrej Melicher 90 Reputation points2024-07-18T09:25:03.4733333+00:00 Hi,
I'm stuck with same "UnknownError" in my deployment. I have configured Automatic provisioning, status of my On-premises provisioning agent is "active", test connection is successful with "The supplied credentials are authorized to enable provisioning".
I have configured App Registration with AuditLog.Read.All and SynchronizationData-User.Upload permissions. Using default attribute mapping with sample payload from Microsoft documentation.
No success to test Endpoint via Powershell or Postman, any ideas what's wrong?
Thanks for helping.
-
Andrej Melicher 90 Reputation points
2024-07-18T12:07:19.97+00:00 after few hours, suddenly its working... don't know why, I did not change anything...
-
Chetan Desai 1,066 Reputation points Microsoft Employee
2024-07-19T06:01:35.1566667+00:00 Hi Andrej, Sorry for the inconvenience caused. There was a service backend issue that led to this error impacting a subset of our customers. As soon as we got reports about it, we fixed the backend issue. Thanks for letting us know.
Sign in to comment -
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 56.00000000000001%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECR%3C/text%3E%3C/svg%3E)
Chandan Ramesh 0 Reputation points2024-09-06T15:01:48.0033333+00:00 Hello,
I am facing this exact same issue from past couple of days. Before that it was working fine.
Any fix identified? Please let me know. Thanks in advance.