SCIM Bridge Domain Configuration Fails

We've successfully deployed the 2.02 SCIM bridge server in a GCP cluster with a static IP address. We have registered a domain name to point to the public, static IP address of the SCIM Bridge server. We connect to the SCIM Bridge server over non-TLS to the "1Password SCIM Bridge Setup" page, to complete the setup. The page shows the deployment is successful. However, it repeatedly fails when we try to verify the publicly available DNS entry that points, using an A record in DNS, to the publicly available SCIM Bridge IP for the cluster. The message returned is, "LetsEncrypt challenge attempt failed. Verify that your SCIM bridge's domain name has not been rate limited."

Prior to this, we has last 1.x version of the SCIM Bridge server running and working, using the same DNS name but a different IP address. After struggling for a while to upgrade the server to 2.02, which resulted in getting a new address, it seemed like everything was working fine until we noticed Okta authentication errors to the SCIM Bridge server. Ultimately, this led us to deleting the entire project in GCP, and starting fresh, which is how we got to where we are now.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Kubernetes
Sync Type: SCIM Bridge Server

Comments

  • 1P_Amanda1P_Amanda

    Team Member

    Unfortunately the error message is likely right - updating / re-setting up the SCIM bridge usually gets a new certificate, so if something goes wrong customers will often come up against the LetsEncrypt rate limit of 5 per week. Can you try using a different subdomain and seeing if it works?

  • Thank you Amanda,

    This worked.

  • 1P_Amanda1P_Amanda

    Team Member

    So glad to hear that!

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file