Account don't get deactivated over SCIM

Former Member

4 years ago

Sorry for the delay. My name is De Ville and I am part of the provisioning team.

... changing away from the provisioning manager.

I wanted to confirm that you upgraded the SCIM bridge to 2.3 and transitioned to using an automated provisioning service account over the legacy Provisioning Manager user, is this correct?

This process would mean that you have created new SCIM bridge credentials that needed to be updated on your SCIM bridge (scimsession) and your identity provider (bearer token).

User accounts that are disabled in AzureAD are still active in 1Password and even after removing the user from the Sync the account is still active.

Can you confirm that the identity provider (Azure AD) has access to the SCIM bridge. You should be able to test the connection between Azure and the SCIM bridge.

Secondly, do you see any errors in the SCIM bridge logs? You can access the logs by navigating the the URL where your SCIM bridge is deployed and entering the bearer token.

I can't even deactivate the user manually in 1Password.

Managing users directly is disabled when automated provisioning is enabled for the account. You should be able to manually suspend the user account when you disable automated user provisioning by switching off provisioning via the integration details page.

Forum Discussion

Account don't get deactivated over SCIM

Featured discussions

September at 1Password: Browser versions, enhanced security, and new integrations

Recent discussions

Unofficial 1Password SDK for Rust

🔊 Securing Cursor agentic development with 1Password Environments

ssh agent and ansible 12 prompting incessantly

1Password Chrome extension is incorrectly manipulating <code> blocks

Custom aliases and OpenSSH fields for SSH Bookmarks