Redeploy SCIM bridge

yma
yma
Community Member

Hi,

We deactivated provisioning in 1Password in order to enable health monitor, but unable to set it up again by navigating to the same domain URL. SCIM bridge was set up in GCP via marketplace. Any suggestions would be really appreciated.

Thanks
Xuan


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided

Comments

  • Hi @yma. Thank you for reaching out.

    I'm sorry to hear that you are having an issue after you enabled health monitoring. Enabling health monitoring on it's own should not really have affected your ability to access the SCIM bridge. Did you perhaps regenerate your credentials (i.e. got a new scimsession file and bearer token)? Regenerating the credentials will mean that you will have to install the new scimsession file on the SCIM bridge.

    You can take a look at our guide for upgrading the SCIM bridge on the Google Cloud Platform. You may need to redeploy your SCIM bridge, which is also covered in the guide. Luckily the SCIM bridge does not maintain any state and your configuration in your identity provider and 1Password account will not be affected by redeploying the SCIM bridge.

    Let me know if you need additional help. Alternatively you can also consider contacting our support team for further assistance.

  • yma
    yma
    Community Member

    Hey @DeVille_1P thanks for the info! I think it might be that we did not enable health monitoring during the initial setup. And thought we could do it by deactivating the integration - enabling health monitoring - reactivating the integration. But it looks like once it is deactivated, it broke the connection between the bridge and 1password. And we were unable to authenticate and reconfigure it. We will try to redeploy the SCIM bridge. Quick question, would you have the guide for reinstalling new scimsession file on SCIM bridge in GCP? Just in case we need it in the future. Thanks again!

  • Hi @yma,

    Graham here, jumping in for DV.

    Indeed when you deactivate the integration, it removes the service account associated with the scimsession and bearer token deployed on your bridge. Therefore the bridge will no longer be able to authenticate with our servers. In order to get back up and running, you will need to redeploy the bridge.

    You mentioned you deployed the bridge on GCP. What you need to do is almost the same as the redeploy option documented in updating the bridge, with one exception: as you deleted the integration, you will need to remove the old and now invalid scimsession file from the disk on the Kubernetes cluster. To do that, go to Kubernetes Engine --> Storage, find the Persistent Volume Claim (pvc) associated with your cluster, and delete it. Then you should then be good to redeploy. The persistent volume claim will get automatically re-created during the re-installation.

    In the future, to enable Health Monitoring after deployment, you can go into the integration and under Health Monitoring, click Manage, toggle on Health Monitoring, enter your SCIM bridge address, and then press Save.

    Integrations Page, select Manage in the top right

    Toggle Health Monitoring On

    Enter your bridge address, and press save.

    Let me know what further questions you have!

    Graham

  • yma
    yma
    Community Member

    Great! Thank you so much for all the info! @graham_1P. This is really helpful. I think we should be all good now.

  • Hi @yma,

    Great! I'm glad to hear it. Let us know if you have any further questions.

    Graham

This discussion has been closed.