<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z00009XcrcvCABOkta Classic EngineIntegrationsAnswered2024-04-17T10:17:10.000Z2023-08-05T07:28:58.000Z2023-08-09T01:35:55.000Z

7foyb (7foyb) asked a question.

August 5, 2023 at 7:28 AM
Unable to add SWA application using on-premise provisioning agent

I am having a on-premise provisioning agent deployed in a Oracle Linux 7.9 machine and its status is Live and Operational in Okta console. But I receive "There was an unexpected internal error. Please try again." error when I try to add a SWA application that can be connected from the successfully running on-premise provisioning agent. My SCIM Connector application is in local network to the provisioning agent machine. My SCIM Connection base URL is http://192.168.10.48:9000 . This URL is completely accessible from the provisioning agent machine when I use wget/curl command. The on-premise provisioning agent host is having direct internet access (not behind any proxy, but behind a NAT GW). In order to test, I exposed my SCIM Connector application to internet using ngrok and used the publicly expose ngrok URL as base URL for SWA application that uses the same on-premise provisioning agent. Still I receive the same error. Interesting thing is, when I use the same ngrok URL as base URL and Provisioning is SCIM (not using on-premise provisioning agent), everything works fine.

I do not find any logs in the on-premise provisioning agent service and in the system logs too. I disabled selinux in the on-premise provisioning agent machine as keeping it enabled might cause this kind of problems (learned from my personal experience).

I can't expose my SCIM Connector application to internet. I need the on-premise provisioning agent starts working for my SCIM connector application.

Image is not available

  • 3 answers
  • 374 views
7foyb likes this.

  • 7foyb (7foyb)

    I uploaded a wrong screenshot. Here I am providing a right one.

    Image is not available

    Expand Post

  • Mihai N. (Okta, Inc.)

    Hi @7foyb (7foyb)​ , Thank you for reaching out to the Okta Community!

     

    I've been looking into this and according to this post, exposure to the internet might be required.  

    However, I recommend opening a case to have one of our Support Engineers review the implementation.  

     

     

    If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you. 

     

    Hope my answer helps! 

    --------------------------------

    Okta Identity Engine (OIE) Ask Me Anything: Get answers from product experts by clicking here.

    Expand Post
    Selected as Best

  • 7foyb (7foyb)

    Hi @Mihai N. (Okta, Inc.)​ , Thanks for suggesting that post. It already told why my provisioning agent is not working for my SCIM 2.0 app. Anyway, I already created a support case and going to discuss about this with Okta in a call.

     

    My few concerns:

    1. Okta could have disallowed me to add a SCIM Connector 2.0 while I selected on-premise provisioning as my Provisiong type.

    2. Or Okta could have provided clear error message says "Provisioning agent doesn't work for SCIM 2.0" otherwise.

     

    I spent two days in these things to find an answer in a hard way. Please consider my concerns to be resolved.

     

    Thanks.

    Expand Post
This question is closed.
Loading
Unable to add SWA application using on-premise provisioning agent