-
Type:
Incident report
-
Resolution: Unresolved
-
Priority:
Trivial
-
None
-
Affects Version/s: 7.4.6, 7.4.7
-
Component/s: Server (S)
-
None
Steps to reproduce:
- Setup the SAML login and SCIM according to the documentation:https://www.zabbix.com/documentation/current/en/manual/appendix/install/azure_ad
- Setup Agent Based SCIM for non public facing zabbix frontend.(not sure if relevant here): https://learn.microsoft.com/en-us/entra/identity/app-provisioning/on-premises-scim-provisioning
- check the Entra ID provisioning logs in the Entra ID enterprise app used for SAML/SCIM
Result:
Expected:
microsoft expects return code 409 not 400 to properly handle if a user is already created.
it expects the following field to properly handle already created users
{ "status": 409, "scimType": "uniqueness", "detail": "..." }
because the reply is not in the expected stated, the provisioning logs display a failed state for specific users already created. the provisioning agent keeps retrying to create the user.
