I have implemented this SCIM reference code in our application.
My implemented code did pass all the test collection of Users present in this postman link. My SCIM Api was also accepted by Azure as the valid endpoint for Users.
The real problem starts when I tried to perform Provision on Demand from the Azure portal for a User.
I received the following error code: SystemForCrossDomainIdentityManagementBadResponse
Error Message: A required attribute is missing from a response. The missing attribute is Identifier. Here is the response:
{
"result": {
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {},
"active": true,
"displayName": "Chris Brown",
"emails": [
{
"type": "work",
"primary": true,
"value": "chris.brown#xyz.com"
}
],
"meta": {
"resourceType": "User",
"created": "2022-04-21T05:27:03.774148Z",
"lastModified": "2022-04-21T05:27:03.774148Z",
"version": null,
"location": null
},
"name": {
"formatted": "Chris Brown",
"familyName": "Brown",
"givenName": "Chris"
},
"preferredLanguage": "en-GB",
"userName": "chris.brown#xyz.com",
"externalId": "chris.brown",
"id": "a99b4da2-ab2f-49fc-8a01-4a9ce251fbdb",
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
]
},
"targetUrl": null,
"success": true,
"error": null,
"unAuthorizedRequest": false,
}
As you can clearly see, I have added id (the Identifier) to the response. Now I am confused about what the error message conveys.
Please help.
An image for clear understanding of the error message at Azure Portal:
Your response doesn't align with the SCIM spec. The response to the POST (I think that's what it is, given the screenshot) is nesting the actual response inside of a "Result" object that is not defined in the spec at all.
Take a look at https://datatracker.ietf.org/doc/html/rfc7644#section-3.3 for an example of a correct response to a POST.
Also, there are a number of attributes in your response, outside of the "request" attribute/object, that aren't defined in the spec and are therefore noncompliant. Those would be:
"targetUrl": null,
"success": true,
"error": null,
"unAuthorizedRequest": false,
Related
I have the Azure AD users that are synced from my on-premises AD.
When I updated the user's properties (such as displayName, department, and so on), some users succeeded in updating, but some users failed to update.
In Azure AD, the audit logs of the update successful user and the failed user are as follows.
////////////////// update success user
{
"id": "Directory_xxxxxxx_112926480",
"category": "UserManagement",
"correlationId": "xxxxx",
"result": "success",
"resultReason": "",
"activityDisplayName": "Update user",
"activityDateTime": "2022-02-07T07:03:44.6467812Z",
"loggedByService": "Core Directory",
"operationType": "Update",
"initiatedBy": {
"user": null,
"app": {
"appId": null,
"displayName": "xxxx",
"servicePrincipalId": "xxxx",
"servicePrincipalName": null
}
},
"targetResources": [
{
"id": "xxxx",
"displayName": null,
"type": "User",
"userPrincipalName": "xxxx#xxxx",
"groupType": null,
"modifiedProperties": [
{
"displayName": "Included Updated Properties",
"oldValue": null,
"newValue": "\"\""
},
{
"displayName": "TargetId.UserType",
"oldValue": null,
"newValue": "\"Member\""
}
]
}
],
"additionalDetails": [
{
"key": "UserType",
"value": "Member"
},
{
"key": "User-Agent",
"value": "Apache CXF 3.2.14"
}
]
},
////////////////// update fail user
{
"id": "Directory_xxxx_118537500",
"category": "UserManagement",
"correlationId": "xxxx",
"result": "failure",
"resultReason": "Microsoft.Online.Workflows.PropertyUpdateNotAllowedException",
"activityDisplayName": "Update user",
"activityDateTime": "2022-02-07T07:03:04.9716261Z",
"loggedByService": "Core Directory",
"operationType": "Update",
"initiatedBy": {
"user": null,
"app": {
"appId": null,
"displayName": "xxxx",
"servicePrincipalId": "xxxx",
"servicePrincipalName": null
}
},
"targetResources": [
{
"id": "xxxx",
"displayName": null,
"type": "User",
"userPrincipalName": "xxxx#xxx",
"groupType": null,
"modifiedProperties": [
{
"displayName": "MethodExecutionResult.",
"oldValue": null,
"newValue": "\"Microsoft.Online.Workflows.PropertyUpdateNotAllowedException\""
},
{
"displayName": "TargetId.UserType",
"oldValue": null,
"newValue": "\"Member\""
}
]
}
],
"additionalDetails": [
{
"key": "UserType",
"value": "Member"
},
{
"key": "User-Agent",
"value": "Apache CXF 3.2.14"
}
]
},
Could you tell why the results are so different?
Any help would be appreciated.
Some user details are failed to update because of the error:
Microsoft.Online.Workflows.PropertyUpdateNotAllowedException
The above error usually occurs for many reasons like:
There may be some attributes that violate formatting requirements which restrict characters and character length of attribute values.
The attributes that require unique values may have duplicate attribute values in existing user account (on-prem AD).
May be the user principal name (UPN) was changed after the initial synchronization and must be updated manually.
Some attributes may match exclusion rules for directory synchronization.
The domain value that's used by AD DS attributes hasn't been verified.
To resolve this error, please check the below workarounds if they are helpful:
Use the IdFix DirSync Error Remediation Tool to check for duplicates, missing attributes, and rule violations.
Update AD DS attributes to remove duplicates, rule violations, and scoping exclusions.
Make sure the user properties can’t contain accent characters and the size of displayName, department etc… are under the maximum limits.
For more information in detail, go through below references.
References:
One or more objects don't sync when the Azure Active Directory Sync tool is used - Active Directory | Microsoft Docs
Troubleshoot directory synchronization errors with event 6941 - Office 365 | Microsoft Docs
I'm using postman to make rest requests to the azure API to run a pipeline that is in synapse, in terms of permissions and the token I already get them and it works, the problem is that the pipeline receives 3 parameters but I don't know how to pass them, so I have this request, example:
https://hvdhgsad.dev.azuresynapse.net/pipelines/pipeName/createRun?api-version=2020-12-01
and the parameters I added them in the body:
{
"parameters": {
"p_dir": {
"type": "string",
"defaultValue": "val1"
},
"container": {
"type": "string",
"defaultValue": "val"
},
"p_folder": {
"type": "string",
"defaultValue": "val3"
}
}
}
but when I validate the run that was launched with the request I get this.
{
"id": "xxxxxxxxxxxxxxx",
"runId": "xxxxxxxxxxxxxxxxxxxxx",
"debugRunId": null,
"runGroupId": "xxxxxxxxxxxxxxxxxxxx",
"pipelineName": "xxxxxxxxxxxxxxxxx",
"parameters": {
"p_dir": "",
"p_folder": "",
"container": ""
},
"invokedBy": {
"id": "xxxxxxxxxxxxxxxxx",
"name": "Manual",
"invokedByType": "Manual"
},
"runStart": "2021-07-20T05:56:04.2468861Z",
"runEnd": "2021-07-20T05:59:10.1734654Z",
"durationInMs": 185926,
"status": "Failed",
"message": "Operation on target Data flow1 failed: {\"StatusCode\":\"DF-Executor-SourceInvalidPayload\",\"Message\":\"Job failed due to reason: Data preview, debug, and pipeline data flow execution failed because container does not exist\",\"Details\":\"\"}",
"lastUpdated": "2021-07-20T05:59:10.1734654Z",
"annotations": [],
"runDimension": {},
"isLatest": true
}
the params are empty, so I don't know what's wrong or missing.
what is the correct way to pass them???
ref: https://learn.microsoft.com/en-us/rest/api/synapse/data-plane/pipeline/create-pipeline-run#examples
Just created an account to answer this as i've had the same issue.
I resolved this by just having the name of the variable and its subsequent value in the body JSON.
e.g.
{"variable": "value", "variable": "value"}
Found this by following the documentation you had posted, under request body it passes the name of the variable and the value directly into the JSON body.
{
"OutputBlobNameList": [
"exampleoutput.csv"
]
}
This particular example is a list/array so it confused me by adding the brackets [] if you are passing string parameters this is unneeded.
I am trying to automate the creation of Azure Pipelines for a particular branch using their REST api.
However, I am struggling to use almost all their API's, as their documentation lacks examples.
Things like List and Get are simple enough.
However, when it comes to queuing a build:
https://learn.microsoft.com/en-us/rest/api/azure/devops/build/builds/queue?view=azure-devops-rest-6.0
POST https://dev.azure.com/{organization}/{project}/_apis/build/builds?api-version=6.0
{
"parameters": <parameters>, // how do i send paramters
"definition": {
"id": 1
},
"sourceBranch": "refs/heads/feature/my-pipeline",
"sourceVersion": "d265f01aeb4e677a25725f44f20ceb3ff1d7d767"
}
I am currently struggling to send parameters.
I have tried:
Simple JSON like:
"parameters": {
"appId": "bab",
"platform": "android",
"isDemo": true
}
and stringify version of JSON like:
"parameters": "{\"appId\": \"bab\",\"platform\": \"android\",\"isDemo\": true}"
but none seems to work.
It keeps giving me the error:
{
"$id": "1",
"customProperties": {
"ValidationResults": [
{
"result": "error",
"message": "A value for the 'appId' parameter must be provided."
},
{
"result": "error",
"message": "A value for the 'platform' parameter must be provided."
},
{
"result": "error",
"message": "A value for the 'isDemo' parameter must be provided."
}
]
},
"innerException": null,
"message": "Could not queue the build because there were validation errors or warnings.",
"typeName": "Microsoft.TeamFoundation.Build.WebApi.BuildRequestValidationFailedException, Microsoft.TeamFoundation.Build2.WebApi",
"typeKey": "BuildRequestValidationFailedException",
"errorCode": 0,
"eventId": 3000
}
The docs is very unclear in how to send this data: https://learn.microsoft.com/en-us/rest/api/azure/devops/build/builds/queue?view=azure-devops-rest-6.1#propertiescollection
Thank you very much for you help.
I believe you cannot pass runtime parameters trough the Queue API. Instead, use Runs API
With that, your request body (use Content-type: application/json) should look something similar to this:
{
"resources": {
"repositories": {
"self": {
"refName": "refs/heads/feature/my-pipeline"
}
}
},
"templateParameters": {
"appId": "bab"
"platform": "android"
"isDemo": true
}
}
I just realized that in the api-version=6.0 you can also send templateParameters on the Queue Service:
POST https://dev.azure.com/{organization}/{project}/_apis/build/builds?sourceBuildId={BUILD_BUILDID}&api-version=6.0
{
"templateParameters": { "doReleaseBuild": "True" },
"definition": {
"id": 1
},
"sourceBranch": "refs/heads/feature/my-pipeline",
"sourceVersion": "d265f01aeb4e677a25725f44f20ceb3ff1d7d767"
}
I'm currently using Dialogflow in combination with fulfillment/webhooks.
In the documentation of the fulfillments there is an example POST request for webhooks:
POST body:
{
"contexts": [
string
],
"lang": string,
"query": string,
"sessionId": string,
"timezone": string
}
The request that I'm receiving on my end is different from what is defined in the documentation. Has somebody an idea why?
This is what I receive:
{
"id": "GUID",
"timestamp": "2018-01-12T12:25:32.202Z",
"lang": "de",
"result": {
"source": "agent",
"resolvedQuery": "Test",
"speech": "",
"action": "",
"actionIncomplete": false,
"parameters": {
"Nummer": ""
},
"contexts": [],
"metadata": {
"intentId": "XYZ",
"webhookUsed": "true",
"webhookForSlotFillingUsed": "false",
"intentName": "Intent"
},
"fulfillment": {
"speech": "",
"messages": [{
"type": 0,
"speech": ""
}]
},
"score": 0.6700000166893005
},
"status": {
"code": 200,
"errorType": "success",
"webhookTimedOut": false
},
"sessionId": "GUID"
}
I've found that different invocation sources send slightly different data to the web hook.
For example the Google Action simulator will send different information in the context reply than say the test pane in an intent.
Im guessing that the answer may lie in where/how your calling the web hook.
I'm writing an agent using API.AI I'm observing that my back-end is not called everytime. I can see that in my access logs. Any idea what can cause the issue?
Here is the response of the console:
{
"id": "c1902c75-1550-43f6-9cc8-b0461f1dfac7",
"timestamp": "2016-12-22T19:58:13.49Z",
"result": {
"source": "agent",
"resolvedQuery": "echo test",
"action": "",
"actionIncomplete": false,
"parameters": {
"myInput": "test"
},
"contexts": [],
"metadata": {
"intentId": "062b4383-06a0-40fe-bbeb-9189db49aeb8",
"webhookUsed": false,
"webhookForSlotFillingUsed": "false",
"intentName": "Response"
},
"fulfillment": {
"speech": "",
"messages": [
{
"type": 0,
"speech": ""
}
]
},
"score": 0.75
},
"status": {
"code": 200,
"errorType": "success"
},
"sessionId": "70be8f65-81f0-40be-a271-84a2d4960224"
}
I see there no error which explains why my backend is not called.
Here is a screenshot of my intent:
You have not given any value in the action key of the intent.Give some action name and keep this same name of your function which will accept the parameters from the api.ai
basically the flow is
1)user enters an input.
2)api.ai tries to match the user's input with the intents defined by you, if not found it will got to the fallback intent.
3)once the proper intent is matched then api.ai tries to extract the parameters from the user's sentence.
4)once all the required parameters are found it will call the action which you have defined in the intent.
NOTE: if none of the parameters are required in the intent it directly calls the action .