[SOLVED] Authorization Token missing from Azure AD SCIM user provisioning apis

Authorization Token missing from Azure AD SCIM user provisioning apis

I followed below steps to start SCIM user provisioning inside Azure AD:

Create an Enterprise application.
Enable provisioning by providing the endpoint and secret token.
- Endpoint: [Domain]/scim
- Secret token: Provided by me (I have created a unique JWT token for each customer).
Synchronize all users or selected users to start provisioning - customer's decision.

I have followed SCIM protocol 2.0 and created the following endpoints:

GET [Domain]/scim/users
POST [Domain]/scim/users
PUT [Domain]/scim/users/[userId]
DELETE [Domain]/scim/users/[userId]

I have used the test cases provided in the tutorial section of Azure SCIM, which can be found at:https://github.com/AzureAD/SCIMReferenceCode/wiki/Test-Your-SCIM-Endpoint. All endpoints work perfectly when tested with Postman.

However, when attempting to use Azure AD, the Authorization Code/Token is missing from the header, causing the request to fail validation and making it difficult to identify the requesting customer.

Am I mistaken, or is there an alternative approach to achieve this?

Here is the header I am receiving:

Array
(
    [Adscimversion] => Date:2023-05-16T03:28:34.9633168Z, ActivityId:5678gb58-a34d-41qw-erfgf-213wew43sds
    [Connection] => close
    [X-Accel-Internal] => /internal-nginx-static-location
    [X-Real-Ip] => [IP]
    [Host] => [HOSTNAME]
)

Solution

I have updated my .htaccess file as follow and it's working now

RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]