SCIM Bridge Domain Configuration Fails

jonathanjaffe
jonathanjaffe
Community Member

We've successfully deployed the 2.02 SCIM bridge server in a GCP cluster with a static IP address. We have registered a domain name to point to the public, static IP address of the SCIM Bridge server. We connect to the SCIM Bridge server over non-TLS to the "1Password SCIM Bridge Setup" page, to complete the setup. The page shows the deployment is successful. However, it repeatedly fails when we try to verify the publicly available DNS entry that points, using an A record in DNS, to the publicly available SCIM Bridge IP for the cluster. The message returned is, "LetsEncrypt challenge attempt failed. Verify that your SCIM bridge's domain name has not been rate limited."

Prior to this, we has last 1.x version of the SCIM Bridge server running and working, using the same DNS name but a different IP address. After struggling for a while to upgrade the server to 2.02, which resulted in getting a new address, it seemed like everything was working fine until we noticed Okta authentication errors to the SCIM Bridge server. Ultimately, this led us to deleting the entire project in GCP, and starting fresh, which is how we got to where we are now.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Kubernetes
Sync Type: SCIM Bridge Server

Comments

  • Unfortunately the error message is likely right - updating / re-setting up the SCIM bridge usually gets a new certificate, so if something goes wrong customers will often come up against the LetsEncrypt rate limit of 5 per week. Can you try using a different subdomain and seeing if it works?

  • jonathanjaffe
    jonathanjaffe
    Community Member

    Thank you Amanda,

    This worked.

  • So glad to hear that!

This discussion has been closed.