Problem detected on your 1Password SCIM bridge

fcalata_earnest
fcalata_earnest
Community Member
edited May 2021 in SCIM Bridge

Hi. I'm currently seeing an issue with our 1Password SCIM Bridge. It looks like an automatic update occurred but noticed the cluster only has 1 rather than 2 instances. I tried utilizing the documentation https://support.1password.com/scim-troubleshooting/ but I can't reach the SCIM bridge on a browser either.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Hi @fcalata_earnest!

    If you can't reach your SCIM bridge on your browser, it's likely that it's down. The best way to fix this is to reboot it - if you don't know how to do that, let me know where you deployed it and I can share some instructions. Also, I would like to note that our latest version of the SCIM bridge seems to be a bit more stable than previous versions, so I would recommend upgrading to SCIM bridge 2.0.0 while you're at it.

    Cheers!
    Amanda

  • fcalata_earnest
    fcalata_earnest
    Community Member

    Hi Amanda, we deployed it in GCP. Would you be able to provide those instructions?

  • Go to your cluster, near the top of the page click "Connect", then "Run in cloud shell", a terminal should pop up at the bottom of the page. Hit enter then Authorize, and run the following command: kubectl scale deploy op-scim-bridge --replicas=0 && sleep 3 && kubectl scale deploy op-scim-bridge --replicas=1

    Let me know if that fixes your issue!
    Amanda

  • fcalata_earnest
    fcalata_earnest
    Community Member

    Hi Amanda,

    I'm seeing "deployment.apps/op-scim-bridge scaled" but still only see one node. Any other suggestions?

  • fcalata_earnest
    fcalata_earnest
    Community Member

    I also followed these instructions to update the SCIM bridge to 2.0.0 but still see one node:

  • From our end it looks like your SCIM bridge is working as expected - why are you expecting multiple nodes? Does resizing your node pool in the GCP UI give you the second node you're expecting? Can you go to your SCIM bridge URL in your browser to see if it asks you for a bearer token (ie. scim.example.com).

    Cheers!
    Amanda

  • fcalata_earnest
    fcalata_earnest
    Community Member


    I attached a screenshot here. You notice that before the SCIM bridge stopped working there were two nodes. After I ran the kubectl command you suggested, it restarted the instance and was able to reach the SCIM Bridge URL. I was able to login as well with the bearer token. I attached screenshots here

  • Ah, I see what you mean. I think resizing your node pool should add the second node. The "Some components are pending" is sometimes a red herring - the "Test Connection" from your IdP and the status page that the UI redirects you to when you enter your bearer token are better indicators. Is your SCIM bridge functioning as you expect with respect to user/group management?

  • fcalata_earnest
    fcalata_earnest
    Community Member

    Thanks for clarifying. It's working as expected with respect to user/group management. I increased the size of the node pool which added the second node. Thanks again for your help!

  • No problem, I'm glad it's working!

This discussion has been closed.