What header name is expected when authenticating a service account to the SCIM endpoints?

Hi,

I am trying to connect a SCIM client to Asana’s SCIM endpoints. When trying to fetch the provider configuration, I am getting an 401 Unauthorized error from the API along with this error message:

{"errors":[{"message":"Not Authorized","help":"For more information on API status codes and how to handle them, read the docs on errors: https://developers.asana.com/docs/errors"}]}"
2024-08-19 09:04:24,059 DEBUG [org.apache.http.headers] (executor-thread-20) http-outgoing-9 << HTTP/1.1 401 Unauthorized

I checked the documentation, but I seem to cannot find the correct header name to have the SCIM client authenticate successfully. The SCIM client is the SCIM-for-Keaycloak plugin, if that helps.

The request seems to look like this;

2024-08-19 09:04:23,923 DEBUG [org.apache.http.headers] (executor-thread-20) http-outgoing-9 >> GET /api/1.0/scim/ServiceProviderConfig HTTP/1.1
2024-08-19 09:04:23,923 DEBUG [org.apache.http.headers] (executor-thread-20) http-outgoing-9 >> Content-Type: application/scim+json
2024-08-19 09:04:23,923 DEBUG [org.apache.http.headers] (executor-thread-20) http-outgoing-9 >> Authentication: ********
2024-08-19 09:04:23,923 DEBUG [org.apache.http.headers] (executor-thread-20) http-outgoing-9 >> Host: app.asana.com
2024-08-19 09:04:23,924 DEBUG [org.apache.http.headers] (executor-thread-20) http-outgoing-9 >> Connection: Keep-Alive
2024-08-19 09:04:23,924 DEBUG [org.apache.http.headers] (executor-thread-20) http-outgoing-9 >> User-Agent: Apache-HttpClient/4.5.14 (Java/17.0.12)
2024-08-19 09:04:23,924 DEBUG [org.apache.http.headers] (executor-thread-20) http-outgoing-9 >> Accept-Encoding: gzip,deflate

Thank you

Hi @Stephan_Budach!

To access any of the APIs, you must pass an HTTP header named Authorization with your personal access token in the following format:

Authorization: Bearer ACCESS_TOKEN

You must include Bearer in front of your token. From the request example you provided, it looks like you’re using a header named Authentication.

Hope this helps!

2 Likes

Hi David,

thank you - that’s what I expected. I only had some issues getting that to setup properly in the SCIM client, we want to use, but it’s all set now.

Cheers,
Stephan

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.