Failed to create session after update to 2.6.2

Community Member


I've updated my 1password scim bridge from 2.6.0 (worked fine) to 2.6.2 following the steps in
The bridge is deployed on a GKE cluster via the market place and I've only patched the image tag on the deployment to 2.6.2.

Bridge seems to be working fine, it even synchronized a new employee to our 1password org, but since the update I'm getting a "Error occured when logging in. failed to create session" when I want to log in the bridge url.

I've checked the pod's log and a permission denied appears when I try to log in :

9:58AM ERR failed to authenticate error="cannot create directory \"/home/opuser/.config/op\" and the parent directories: mkdir /home/opuser: permission denied\n" application=op-scim build=206022 request_id=XXX version=2.6.2
9:58AM ERR failed to generate new session error="cannot create directory \"/home/opuser/.config/op\" and the parent directories: mkdir /home/opuser: permission denied\n" application=op-scim build=206022 request_id=cculaevjf55g0229sp60 version=2.6.2

I did try to start a shell in the pod and mkdir it myself, but I got a permission denied as well. There is a /home/scimuser though.

1Password Version: Not Provided
Extension Version: 2.6.2
OS Version: Not Provided
Browser:_ Not Provided


  • Hi @bertrandpgn I'm Laz, a developer on the SCIM bridge.

    I'm sorry to hear that you are having this issue when upgrading your SCIM bridge. Did you upgrade your bridge by following our official upgrade guide? If not, can you send over the exact command you used to upgrade the image tag?

  • bertrandpgn
    Community Member

    Hi Laz,

    Yes I did upgrade using the guide, with :

    kubectl set image deploy/op-scim-bridge op-scim-bridge=1password/scim:v2.6.2

  • bertrandpgn
    Community Member
    edited October 2022


    For the record, I spotted some pretty big changes between the kubernetes deployment I had (from the Google Kubernetes Marketplace) and the one from the scim-example github repo. So I trashed the whole namespace and redeployed the bridge from scratch (from the Marketplace) which works fine now.
    The deployment object now (2.6.2) is completely different from the one deployed with the older version (2.6.0).
    The init-container creates different directories and the env variables changed.

    It could be nice to update the upgrade process so that it won't break things :)
    Thanks for the time anyway !

  • Thanks for taking the time to attempt a redeployment and update us on your status, I'm glad that it fixed your problem. I'm sorry that the standard upgrade process did not work out for you, I'm going to investigate what went wrong with it exactly and see if we can make it work better going forwards.

This discussion has been closed.