SCIM: The request contains invalid parameters or values


I am trying to connect to a Target System using oAuth authentication method via SCIM. We are using the version 9.0 LTS.

We populate all the correct values and when we try to test the connection we get the below error message:

Error returned: {"error": invalid_request", "error_description": The request contains invalid parameters or values."}

Error returned: The remote server returned an error: (400) Bad Request.

I tried to do a Postman request using the correct access token, client ID and client secret and we manage to return the users and groups. In Postman it seems to be working, while Sync Editor doesn't recognise the connection info.

I tried to reach the server without the authorization token and then I am getting a different type of error message with HML headers: Unauthorized. Proper authorization is required for this area. Either your browser does not perform authorization, or your authorization has failed.

In the meantime, out of curiosity, I tried to mimic the behavior of Sync Editor to Postman by doing the request in a different order and I got the same error messages. 

My question to you is, have you seen something similar before? Is there any specific order the sync editor follows to achieve an oAuth request? 

Thank you in advance!

Parents Reply Children
  • Hi Chrysoula,

    I would rule out some copy / paste errors and some possible issues during changing a connection configuration with creating a new connection configuration. To be sure to "Authorization" header has the correct value I would do the encoding of authorization string used by OAuth 2.0 myself as follows:

    concatenate  <client Id> ":" <client secret> and let encode this string as Base64 (use the website

    Put the result into "authorization string (base64)" field. Set the scope to "client based" and configure the value "urn:opc:idm:__myscopes__". Test this configuration.

    If the result is same error you should consult the Oracle admin to have a look at the access logs to find out which parameter is faulty.



  • Hi  ,  thanks for all your help with this.  Looks like we have found the solution.  We had all the right values, just not necessarily in the right place!  After some trial and error, we found we had to put the Client ID in the User name field (not the Application / Client ID field as you would expect) and the Client secret had to go in the Password field (not the Client Secret field as you would expect).  After that we were able to connect and browse the target.  Regards, Barry.