Spotfire Ideas Portal
As Spotfire administrator I want to receive a notification from a missed synchronization heartbeat with regards to SCIM.
reason:
I looked up information regarding scim on my set-up.
Spotfire does not have references to the SCIM application id on azure. (nice to have some form of registration for back-reference)
Besides this i found in access.log that after receiving many statuscodes 200 at various timestamps I suddenly receive 401 codes in the log on the scim endpoint.
Note the validity cut based on the access.log file in attached image and from the notes i took during configuration (which contain the lapsed token, so i can freely share) the timestamp for the validity is the vertical line.
>config issue-access-token \
--client-id=68***REDACTED***.oauth-clients.spotfire.tibco.com \
-Suser-directory.write.all \
-Suser-directory.read.all
Tool password:
Access token successfully issued.
Access token: oph0rpm75a770ai75icjdo9aoq:kat2t8ushjgqqkagelo4jm1ksj
Valid until: 2025-11-21 11:56:39 CET
Please note that the access token is a credential and must be handled with care.
The access token should be revoked using the 'revoke-token' command when no longer needed.
The Spotfire_server database tables OAUTH2_ACCESS_TOKENS and OAUTH2_AUTH_CODES do not contain any entry and I cannot lookup the validity of the token
a place to reference you are using scim, and details telling where the remote provisioning is running from
Tokens that are given out should be registered with validity timestamps and must be alerted n time before expiry
seperate scim_heartbeat.log
configurable threshold for missed heartbeat and number of missed heartbeats before throwing an error.
remark: the issue-access-token command spits out a token, but this token can not be viewed afterwards to check e.g. the validity
remark2 the config revoke-token --token=removethisrandomstringtokenthatdoesnotexists successfully completes