Skip to content

User already exists but no authentication provider found

Error message (sample)

The portal returns a message indicating the user already exists but no authentication provider could be found. Example (redacted):

{
    "message": "User [username or app registration id] already exists but no authentication provider found. Please do a PostUser request.",
    "errors": [
        "User [username or app registration id] already exists but no authentication provider found. Please do a PostUser request."
    ]
}

Symptoms

  • The portal returns an error when the user attempts to interact with the configuration APIs.

Scope

This occurs when a new user is added that has not logged in at least once. It can happen on both the Customer Hosted Model and the SaaS Model.

Known instances

Service Principals

When creating a brand new Service Principal to use for service accounts on the platform.

Root cause

The user has not been verified at least once. If a user is added to a Customer, Project or Environment and the user has never logged into the NPO Portal (npobp_portal), the user remains in an unverified state.

Resolution

Have the user perform a POST to /api/maintenance/user with a valid JWT token. This happens automatically when the user first logs into the NPO Portal (npobp_portal). For Service Principals (App Registrations), perform the same POST using the service principal's token; the request requires only the JWT Authorization Bearer token and any API keys (for APIM). Once verified the user will be usable by the platform.

Verification checklist

  • [ ] User can authenticate and perform the previously failing operation
  • [ ] No more "no authentication provider found" errors in logs

Notes

Keep service principal onboarding instructions handy for automation and CI scenarios.