
Unable to create user in WSO2 IS via SCIM2 API with external claims

I'm trying to create a user with external claims, but something goes wrong. I added my claims to scim2-schema-extension.config, to external claims and local claims, but the API's response for my request is:

{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:Error"
    ],
    "detail": "Error in adding the user: testoviy22@mail.ru to the user store.",
    "status": "500"
}

In the logs I have:

: ERR_13735_ELEMENT_FOR_OID_DOES_NOT_EXIST ATTRIBUTE_TYPE for OID comment does not exist!]; remaining name 'mail=testoviy22@mail.ru'
at java.naming/com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3280)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3205)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2996)
at java.naming/com.sun.jndi.ldap.LdapCtx.c_bind(LdapCtx.java:452)
at java.naming/com.sun.jndi.toolkit.ctx.ComponentDirContext.p_bind(ComponentDirContext.java:299)
at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.bind(PartialCompositeDirContext.java:217)
at org.wso2.carbon.user.core.ldap.UniqueIDReadWriteLDAPUserStoreManager.persistUser(UniqueIDReadWriteLDAPUserStoreManager.java:312)
... 73 more

[screenshot: Local claim] [screenshot: External claim]

Request sample:

{
    "name": {
        "familyName": "Zubenko",
        "givenName": "Michael"
    },
    "password": "qwerty",
    "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
        "comment": "test"
    },
    "userName": "testoviy22@mail.ru"
}

It seems you are using an LDAP server as your primary user store, and that server doesn't support the attribute named "comment". Refer to the note in https://is.docs.wso2.com/en/latest/references/extend/provisioning/extend-scim2-user-schemas/#map-the-custom-claim

You can use the word "customClaim" (or any other preferred word) as the Mapped Attribute only when using a JDBC userstore because JDBC userstores will automatically create a new attribute if it does not already exist in the user store. However, if you are using LDAP or Active Directory, you will have to use an attribute that already exists in the user store.

Change the mapped attribute of the local claim to some valid attribute in the LDAP schema.
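The failure above only surfaces at bind time, deep in the LDAP user store manager, after the request has passed through two mapping layers (SCIM attribute to local claim, local claim to user-store attribute). The following is an added, stand-alone example, not code from the question, the answer or WSO2 IS, that checks those mappings offline: it parses attribute names out of RFC 4512 `attributeTypes` definitions of the kind an LDAP server publishes in its subschema subentry, flattens a SCIM2 user payload into attribute paths, resolves each path through both layers and reports any mapped attribute the schema does not declare. The schema snippets, the claim URIs and the mapping tables are constructed for the example; the claim URI pattern follows WSO2's `http://wso2.org/claims/...` style but is not taken from a real configuration, and the choice of `description` as the replacement attribute is an illustration of the answer's advice, not a recommendation.

```python
import re

# ---- Constructed sample data (not from the post or from WSO2) ----------------

# A few RFC 4512 attributeTypes definitions, as an LDAP server returns them from
# cn=Subschema. They are standard types, but the list is deliberately short so
# that "comment" is absent, which is the situation the error in the post shows.
SAMPLE_ATTRIBUTE_TYPES = [
    "( 2.5.4.4 NAME 'sn' SUP name )",
    "( 2.5.4.42 NAME 'givenName' SUP name )",
    "( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )",
    "( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' ) EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )",
    "( 2.5.4.13 NAME 'description' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )",
]

# Layer 1: SCIM2 attribute path -> local claim URI (the "external claim").
# Layer 2: local claim URI -> user-store attribute (the "mapped attribute").
# Both tables are constructed for this example.
EXTERNAL_CLAIMS = {
    "userName": "http://wso2.org/claims/username",
    "name.familyName": "http://wso2.org/claims/lastname",
    "name.givenName": "http://wso2.org/claims/givenname",
    "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:comment": "http://wso2.org/claims/comment",
}
MAPPED_ATTRIBUTES = {
    "http://wso2.org/claims/username": "mail",
    "http://wso2.org/claims/lastname": "sn",
    "http://wso2.org/claims/givenname": "givenName",
    "http://wso2.org/claims/comment": "comment",   # not declared in the LDAP schema
}

# Same shape as the request in the question (password value changed).
SAMPLE_REQUEST = {
    "name": {"familyName": "Zubenko", "givenName": "Michael"},
    "password": "constructed-example-password",
    "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {"comment": "test"},
    "userName": "testoviy22@mail.ru",
}

# ---- Schema parsing ---------------------------------------------------------

# Matches   NAME 'sn'   or   NAME ( 'mail' 'rfc822Mailbox' )
_NAME_CLAUSE = re.compile(r"\bNAME\s+(?:'([^']*)'|\(\s*((?:'[^']*'\s*)+)\))")

def schema_attribute_names(definitions):
    """Collect every attribute name and alias declared in the definitions.
    LDAP attribute names are case-insensitive, so they are lower-cased."""
    names = set()
    for definition in definitions:
        match = _NAME_CLAUSE.search(definition)
        if match is None:
            continue
        if match.group(1) is not None:
            names.add(match.group(1).lower())
        else:
            names.update(n.lower() for n in re.findall(r"'([^']*)'", match.group(2)))
    return names

# ---- Request flattening and mapping check -----------------------------------

def flatten_scim_attributes(payload, prefix=""):
    """Yield SCIM attribute paths: sub-attributes as 'a.b', extension-schema
    attributes as '<schema urn>:attr'. 'password' is not a claim and is skipped."""
    for key, value in payload.items():
        if key == "password":
            continue
        if key.startswith("urn:"):
            for sub in value:
                yield f"{key}:{sub}"
        elif isinstance(value, dict):
            yield from flatten_scim_attributes(value, prefix + key + ".")
        else:
            yield prefix + key

def attributes_missing_from_schema(payload, external_claims, mapped_attributes, schema_names):
    """Resolve each request attribute through both mapping layers and return
    {scim_attribute: ldap_attribute} for those the LDAP schema does not declare."""
    missing = {}
    for scim_attr in flatten_scim_attributes(payload):
        local_claim = external_claims.get(scim_attr)
        if local_claim is None:
            continue   # unmapped SCIM attribute: nothing is sent to the user store
        ldap_attr = mapped_attributes[local_claim]
        if ldap_attr.lower() not in schema_names:
            missing[scim_attr] = ldap_attr
    return missing

def remap_to_existing(mapped_attributes, schema_names, replacement):
    """Return a copy of the local-claim mapping in which every attribute the
    schema lacks is pointed at `replacement`, which must itself be declared."""
    if replacement.lower() not in schema_names:
        raise ValueError(f"{replacement!r} is not in the LDAP schema either")
    return {claim: (attr if attr.lower() in schema_names else replacement)
            for claim, attr in mapped_attributes.items()}

if __name__ == "__main__":
    names = schema_attribute_names(SAMPLE_ATTRIBUTE_TYPES)
    print("would fail at LDAP bind:",
          attributes_missing_from_schema(SAMPLE_REQUEST, EXTERNAL_CLAIMS, MAPPED_ATTRIBUTES, names))
    print("remapped:", remap_to_existing(MAPPED_ATTRIBUTES, names, "description"))
```

Against a real deployment you would feed `schema_attribute_names` the `attributeTypes` values read from the server's subschema subentry and the two tables from the claim configuration; the check then tells you before the first SCIM request which local claims will produce the `ATTRIBUTE_TYPE for OID ... does not exist` failure.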
