Integrations

How to download 1Password SCIM Bridge logs

You can send us more information to help resolve an issue you’re having with 1Password SCIM Bridge. SCIM bridge logs include error messages about the SCIM bridge that help 1Password Business Support identify and solve problems you may be experiencing. They do not contain your secrets or other 1Password data.

Download and send logs from your SCIM bridge

AWS Fargate

  1. Sign in to the AWS Management Console, then go to the CloudWatch console  .

  2. Select Logs in the sidebar, then select Log Groups.

  3. Search for the SCIM bridge log group, then choose the SCIM bridge log stream.

  4. Select Actions and choose View in Logs Insight.

  5. In the query editor, add the following line to the end of the default query:

     | limit 10000
    
  6. Select Custom, then select one week from the Relative tab and select Apply.

  7. Select Run query and wait for the query to finish running.

  8. Select Export results and choose Download table (CSV).

  9. Attach the file to your reply to 1Password Business Support.

Azure Container Apps

  1. In Azure, go to Container Apps.

  2. Select your container app.

  3. Select Logs.

    If the Queries pop-up opens, you can close it.

  4. Select a Time Range from one of the available options, or choose Custom.

  5. Copy the following query, replacing op-scim-bridge-con-app with the name of your container app if it’s different:

     ContainerAppConsoleLogs_CL
     | where ContainerAppName_s == 'op-scim-bridge-con-app'
     | project Time=TimeGenerated, AppName=ContainerAppName_s, Revision=RevisionName_s, Container=ContainerName_s, Message=Log_s
    
  6. Select Run.

  7. Select Export and choose either CSV (displayed columns) or CSV (all columns).

  8. Attach the file to your reply to 1Password Business Support.

DigitalOcean

  1. Install and configure doctl.

  2. Visit the DigitalOcean dashboard and select Manage in the sidebar, then select Kubernetes.

  3. Select the cluster where the SCIM bridge is deployed and note the name of your cluster.

  4. Open a terminal session with doctl.

  5. Copy the following command, replace <cluster-name> with your cluster name, and run the command:

     doctl kubernetes cluster kubeconfig save <cluster-name>
    
  6. Run the following command:

     kubectl get pods -n op-scim-bridge
    
  7. Make note of the pod name that begins with op-scim-bridge.

  8. Copy the following command, replace <pod-name> with your pod name, and run the command:

     kubectl logs <pod-name> -n op-scim-bridge
    
  9. Attach the file to your reply to 1Password Business Support.

Docker

  1. From the Docker command line, run the following command:

     docker logs op-scim_scim_1 > scim.log
    
  2. Attach the file to your reply to 1Password Business Support.

Google Cloud Platform

You can download SCIM bridge logs from either the Kubernetes Engine console or the Cloud Shell.

Kubernetes Engine console

  1. Visit the list of Workloads on Google Cloud Platform  and select the Deployment of your SCIM bridge.
  2. Select the Logs tab then select the Go to Logs Explorer button.
  3. In the query results section, select Edit Time, choose 7 days, then select Apply.
  4. Select Actions and choose Download logs.
  5. Change the maximum log entries to 10,000 and make sure JSON format is selected, then select Download.
  6. Attach the file to your reply to 1Password Business Support.

Cloud Shell

  1. Visit the list of Clusters on Google Cloud Platform  and select the cluster you use for 1Password SCIM Bridge.

  2. Select Connect and choose Run in Cloud Shell.

  3. Allow any API permissions, then press Return to connect to the cluster.

  4. Copy this command and paste it into the shell window, then press Return:

     kubectl logs $(kubectl get pods | awk '$1 ~ /op-scim-bridge/ && 1 != /deployer/ {print $1}')
    
  5. Copy and paste the logs from the shell window into a text editor and save the file.

  6. Attach the file to your reply to 1Password Business Support.

Kubernetes and Azure Kubernetes

  1. From the command line, copy and paste the following command and press Return:

     kubectl logs $(kubectl get pods | awk '$1 ~ /op-scim-bridge/ {print $1}') > scim.log
    
  2. Attach the file to your reply to 1Password Business Support.

SCIM bridge logs and privacy

1Password respects your privacy, so the only information we have to diagnose problems is information you send us. We never use the information in 1Password SCIM Bridge logs for anything other than diagnosing issues you’re having.

SCIM bridge logs contain information necessary to assist you in troubleshooting, including information about:

  • Your 1Password account: Account, group, vault, and user UUIDs (universally unique identifiers).
  • Domains: The domain name of your SCIM bridge.
  • Clusters: Cluster name, cluster location, container name, namespace name, pod name, and project ID.

In some situations, SCIM bridge logs may also contain information that is not necessary for troubleshooting. You can remove this information from your log file before sending it to us:

  • IP addresses: The IP address of your SCIM bridge.
  • Phone numbers and addresses: The phone numbers and addresses for anyone who has been provisioned or updated from the SCIM bridge.

    For Azure AD only. If you're using a different identity provider, phone numbers and addresses are not included.

  • Usernames and email addresses: 1Password account usernames and email addresses for anyone who has been provisioned or updated from the SCIM bridge.

    For SCIM bridge 1.6.2 or earlier only. If you're using SCIM bridge 2.0.0 or later, usernames and email addresses are not included.

Published: