Thursday, August 02, 2018

SCIM with Azure AD - no parameters coming through to Rails contoller

I've been working to integrate our application with Azure Active Directory via SCIM - i.e., to allow Azure AD to provision users in our application using SCIM.  The problem I was having was that when Azure went to create users, the parameters hash in Rails was empty - {}.  I opened a ticket with Microsoft and spent weeks (literally) going back and forth with them.  After they assured me that the parameters were being sent, I started dumping all the info I could about the incoming requests. 

Eventually, I found that request was coming in with a "Content-type: application/scim+json" header, even though Microsoft's documentation showed "application/json".  (I've opened an issue for this.)  Once I saw that, I could easily reproduce the bug locally with curl.  This fix was pretty straightforward - add a new MIME type.  I found a thread on GitHub hashing out how/when to do that with Rails API, but it applied just the same in vanilla Rails.

I hope this helps someone else out there.  Enjoy.