Karikaaalan

Reputation: 179

Okta SCIM automatic provisioning of user failed

I configured Okta Snowflake SSO. I assigned users as well. I configured SCIM, which has permission to create users, deactivate users, and sync passwords. After I configured SCIM, I am getting errors for existing users: "Automatic provisioning of user to app snowflake failed. Error while creating user. Conflict. Error reported by remote server. User exist with given user name." The same thing happens when I assign the app to an existing user with the same user name. Is there any way to fix it, or is it best to remove SCIM?

Upvotes: 0

Views: 981

Answers (2)

anshul.anand

Reputation: 26

In order to resolve the issue, please check the following:

  • Fetch the mapping which you have on the SCIM provisioning app.
  • Check the user that is being synced, using the attributes derived from the above step.
  • If the user exists, please check the owner of the user.
  • If the owner is other than the provisioned role (AAD_PROVISIONER, OKTA_PROVISIONER), then change the ownership of the user to the above role.

Try to sync again; you should not run into this error.

Upvotes: 0

Pedro MS

Reputation: 50

In order for the merge to be successful, the login mapping needs to be exactly the same (the rest gets updated by Okta). So make sure users can log in via SSO first.

Snowflake Okta mappings

You also need to transfer ownership manually. Documentation provides this command:

use role accountadmin;
grant ownership on user <user_name> to role okta_provisioner;

Snowflake SCIM doc

Upvotes: 0
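The owner check and ownership transfer described in the two answers above, as an added example that is not part of either answer or of Snowflake's documentation. It assumes the SCIM role is named OKTA_PROVISIONER, as in the answers; `<user_name>` is a placeholder to fill in per user.

```sql
-- Assumption: the SCIM provisioning role is OKTA_PROVISIONER (name taken from
-- the answers above); substitute the role your SCIM integration runs as.
use role accountadmin;

-- SHOW USERS returns one row per user, including the login name that must
-- match the Okta mapping and the role that currently owns the user.
show users;

-- Users owned by some other role: these are the ones where SCIM reports
-- "Conflict" because the provisioner role cannot update them.
select "name", "login_name", "owner"
from table(result_scan(last_query_id()))
where "owner" <> 'OKTA_PROVISIONER'
order by "name";

-- Transfer ownership only for users Okta is meant to manage. The owning role
-- can alter the user, so leave emergency/admin accounts that must stay
-- outside the identity provider's control with their current owner.
grant ownership on user <user_name> to role okta_provisioner;

-- Confirm the change before re-running the sync from Okta.
show users like '<user_name>';
select "name", "login_name", "owner"
from table(result_scan(last_query_id()));
```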
