primary email not set error while trying to sync users about scimgateway HOT 3 CLOSED

Hi,
Seems OCI requires primary to be set on one of the email addresses.
You must then include {"primary":true}

If you are calling your pluging-scim as standard inbound, the create user POST body should include:
{..., "emails":[{"primary":true,"type":"work","value":"[email protected]"}]}
This will be found in log info message Inbound = xxx

If you are calling createUser method internally, you should use:
userObj={...,"emails":{"work":{"primary":true,"type":"work","value":"[email protected]"}}}

Another thing, and maybe the problem here, is that plugin-scim only accepts {"type":"work"}
You may have to change this behavior.

Regards,
Jarle

from scimgateway.

Hi @jelhub

Thanks for the response.

Yes OCI requires primary to be set on the email address.
I'm calling plugin-ldap to read users/groups from on-prem AD ( users/groups are already created on this AD) and then sync to OCI IDCS. Hence not using createUser method as I'm not explicitly creating users using SCIM GW.

I assume I can update the getUsers method to show email as type of 'work' with value in addition primary boolean value as 'true' as shown in below.

"emails": [
{
"value": "[email protected]",
"type": "work",
"primary": true
}

Please let me know your thoughts.

many thanks, shahid

from scimgateway.

plugin-ldap do not hardcode any primary on email retrieved.
type defined in configuration: "mapTo": "emails.work.value"
You either have to update plugin-ldap or the sync logic to include the primary

Jarle

from scimgateway.