AWS SCIM Provider "Failed to sync user due to transient error: Response 400. The attribute username is not defined in schema" #20857
Description
Describe the bug
Configured SCIM provider according to the documentation Integrate with Amazon Web Services (IAM Identity Center) - SCIM Configuration
How to reproduce
- Integrate AWS IAM Identity Center according to the docs
- Wait for SCIM Provider scheduled task to start or run it manually
- Navigate to Applications > Providers, select configured SCIM Provider
- In the Overview tab > Schedules expand to Sync SCIM provider objects task for
user
The log contains warning "Failed to sync due to transient error: <Response [400]>".
Users are not provisioned to AWS IAM Identity Center.
Expected behavior
Execution logs do not contain any warnings.
Users are provisioned to AWS IAM Identity Center.
Screenshots
Additional context
Groups are provisioned to AWS IAM Identity Center without errors.
Deployment Method
Kubernetes
Version
2025.12.1
Relevant log output
{
"obj": {
"pk": 7,
"email": "REDACTED",
"username": "REDACTED"
},
"exception": [
{
"frames": [
{
"name": "sync_objects",
"lineno": 155,
"filename": "/authentik/lib/sync/outgoing/tasks.py"
},
{
"name": "write",
"lineno": 70,
"filename": "/authentik/lib/sync/outgoing/base.py"
},
{
"name": "create",
"lineno": 67,
"filename": "/authentik/providers/scim/clients/users.py"
},
{
"name": "_request",
"lineno": 84,
"filename": "/authentik/providers/scim/clients/base.py"
}
],
"exc_type": "SCIMRequestException",
"is_cause": false,
"is_group": false,
"exc_notes": [],
"exc_value": "<Response [400]>",
"exceptions": [],
"syntax_error": null
}
]
}