Azure AD SCIM attribute mapping not working for NON_GALLERY applications

Rahul 221 Reputation points
2020-03-23T10:57:25.877+00:00

Hi,

I'm not able to configure the attribute mapping in Azure AD for existing Application.

Reference link: https://learn.microsoft.com/en-us/azure/active-directory/app-provisioning/customize-application-attributes

As per the reference link I'm not getting this option instead I'm getting an error as "Application mappings are not valid.".

This is a NON-Gallery Application just configured for user provisioning to custom application. Till 19th-March I was easily able to configure it but now it's not working not for one tenant but for multiple tenant around 5-6 tenant it's the same error.

Also now I don't see the option to force sync in SCIM, earlier there was an option Just under provisioning on/off setting to check mark "clear current state and restart synchronization" (https://learn.microsoft.com/en-us/azure/active-directory/app-provisioning/configure-automatic-user-provisioning-portal#settings)

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,602 questions
No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Rahul 221 Reputation points
    2020-03-27T08:21:38.753+00:00

    Hi Team,

    I got to figure out what was the issue and it was a change which recently been pushed by Microsoft. Mapping error “Application mappings are not valid” which is not allowing the users to sync.

    Issue had recently popped up due to some back end new patch update at Microsoft end which is not allowing to map Primary key attribute “ID”. Now when we are trying to map the attribute it’s not working. Getting below error:

    Checked MS documentation(https://learn.microsoft.com/en-us/azure/active-directory/app-provisioning/use-scim-to-provision-users-and-groups#step-2-understand-the-azure-ad-scim-implementation) it says ID is a required property now. Earlier I could map this TargetAttribute (ID) with SourceAttribute (OriginalUserPrincipalName)

    After restoring the mapping and assigning with some other custom attribute the issue seems to be resolved.

    No comments