laravel-scim-server
laravel-scim-server copied to clipboard
Possible Azure AD SCIM issues when changing an email address?
This could absolutely be my own screw-up, but I'd love to get your collective eyes on this issue I've been having with Azure.
I'm getting the following exception when I try to update a user's email address and then force a SCIM provisioning.:
Exception caught! Replace is not implemented for ":urn:ietf:params:scim:schemas:core:2.0:User.emails.value" of type: ArieTimmerman\Laravel\SCIMServer\Exceptions\SCIMException when executing:
PATCH https://msscim.snipe-it.io/scim/v2/Users/21
{"schemas":["urn:ietf:params:scim:api:messages:2.0:PatchOp"],"Operations":[{"op":"Replace","path":"emails[type eq \"work\"].value","value":"[email protected]"},{"op":"Replace","path":"addresses[type eq \"work\"].formatted","value":"18/2111"},{"op":"Add","path":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department","value":"Retail"}]}
The relevant portion of my SCIM config is this:
<?php
/* ....... */
$config['validations'][$core.'emails'] = 'nullable|array'; // emails are not required in Snipe-IT...
$config['validations'][$core.'emails.*.value'] = 'email'; // ...(had to remove the recommended 'required' here)
$mappings['emails'] = [[
"value" => AttributeMapping::eloquent("email"),
"display" => null,
"type" => AttributeMapping::constant("work")->ignoreWrite(),
"primary" => AttributeMapping::constant(true)->ignoreWrite()
]];
/* ..... */
(The entire SCIM configuration can be viewed, if you need it, here: https://github.com/snipe/snipe-it/blob/master/app/Models/SnipeSCIMConfig.php )
I experimented with adding an additional mapping for ['emails']['value']
that I set ignoreRead()
on, but that didn't seem to help either.
Am I doing something wrong, or have I maybe run into a bug? It does seem like Microsoft's PatchOp
request seems to be correctly formatted (I think?).
Thanks everybody for this spectacular software!!!