Zscalar 2.0 provisioning flow fails with the following error visible in the Okta dashboard:

Automatic provisioning of user <user> to app Zscaler 2.0 failed: Error while verifying if user <user> exists : . Errors reported by remote server: Authorization Fails

• Zscaler 2.0
• Provisioning
• Error

The API authentication token used for creating the API connection is invalid.

1. Go to Okta Admin Console and navigate to Applications > Applications > Zscalar 2.0 > Provisioning > Integration > click the Edit button.

2. Refer: Zscaler: Configuration Guide. Enter the following information:
   

   • Zscaler ID: Enter the Organization ID and IdP ID of the Base URL in the following format: <Organization ID>/<IdP ID>

     • For example, if the Base URL is https://scim.zscalerbeta.net/1234567/098/scim, enter 1234567/098.
       

   • API Token: Enter the Bearer Token.

3. Click Test API Credentials. Once it is successful, save it. If the test fails, verify that the bearer token is correct.

4. Attempt the failed tasks again. Navigate to Dashboard > Tasks. Any failed assignments should appear under Tasks.

5. After identifying the failed task for the user that should be retried, click Retry Selected.

Related References

• Zscaler: Configuration Guide