Hope I used the right tag for this question to the forum experts. Might be OIDC instead. My SCIM server and Okta SCIM integration are testing out great now and I am happy with how it is performing in test. By test I mean manually supplying a bearer token on the SCIM app provisioning page and test/saving it. I also have an SWA app that uses OIDC with PKCE to supply the bearer token I use for testing. I’m using the Okta default IDP in my dev account to provide the token but I don’t think that matters. Of course, when the token expires, any SCIM request generated by the SCIM app fails when the server (actually Okta.AspNetCore) tries to authorize with the token, until I use the SWA app and save another token. What am I missing in the SWA app, the SCIM app, or my server so that the SCIM app knows to ask the SWA app for a token instead of using the expired token?
Did you set up this integration using one of the SCIM test apps (found by browsing the catalog) or did you enable SCIM on a custom SWA or SAML application?
The SCIM Test apps only support being provided a valid access token for the OAuth option. If you are not working on an OIN submission, you may want to switch to using a custom SWA or SAML application with provisioning enabled, for which you will provide the OAuth endpoints and client credentials so that Okta is able to request new tokens as needed, instead of you having to manually add a token.
Andrea,
I used the test app from the catalog and am not using OIN at this time. I did select the OAuth2 bearer test app. I’ll not be using SAML since we don’t support that in our IDP, even if I am not using it at this time. I’ll see if I can navigate a custom SWA app.