azurescim2

Authorization Token missing from Azure AD SCIM user provisioning apis


I followed below steps to start SCIM user provisioning inside Azure AD:

  1. Create an Enterprise application.
  2. Enable provisioning by providing the endpoint and secret token.
    • Endpoint: [Domain]/scim
    • Secret token: Provided by me (I have created a unique JWT token for each customer).
  3. Synchronize all users or selected users to start provisioning - customer's decision.

I have followed SCIM protocol 2.0 and created the following endpoints:

I have used the test cases provided in the tutorial section of Azure SCIM, which can be found at:https://github.com/AzureAD/SCIMReferenceCode/wiki/Test-Your-SCIM-Endpoint. All endpoints work perfectly when tested with Postman.

However, when attempting to use Azure AD, the Authorization Code/Token is missing from the header, causing the request to fail validation and making it difficult to identify the requesting customer.

Am I mistaken, or is there an alternative approach to achieve this?

Here is the header I am receiving:

Array
(
    [Adscimversion] => Date:2023-05-16T03:28:34.9633168Z, ActivityId:5678gb58-a34d-41qw-erfgf-213wew43sds
    [Connection] => close
    [X-Accel-Internal] => /internal-nginx-static-location
    [X-Real-Ip] => [IP]
    [Host] => [HOSTNAME]
)

Solution

  • I have updated my .htaccess file as follow and it's working now

    RewriteEngine On
    RewriteCond %{HTTP:Authorization} ^(.*)
    RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]