User already exists but no authentication provider found
Error message (sample)
The portal returns a message indicating the user already exists but no authentication provider could be found. Example (redacted):
{
"message": "User [username or app registration id] already exists but no authentication provider found. Please do a PostUser request.",
"errors": [
"User [username or app registration id] already exists but no authentication provider found. Please do a PostUser request."
]
}
Symptoms
- The portal returns an error when the user attempts to interact with the configuration APIs.
Scope
This occurs when a new user is added that has not logged in at least once. It can happen on both the Customer Hosted Model and the SaaS Model.
Known instances
Service Principals
When creating a brand new Service Principal to use for service accounts on the platform.
Root cause
The user has not been verified at least once. If a user is added to a Customer, Project or Environment and the user has never logged into the NPO Portal (npobp_portal), the user remains in an unverified state.
Resolution
Have the user perform a POST to /api/maintenance/user with a valid JWT token. This happens automatically when the user first logs into the NPO Portal (npobp_portal). For Service Principals (App Registrations), perform the same POST using the service principal's token; the request requires only the JWT Authorization Bearer token and any API keys (for APIM). Once verified the user will be usable by the platform.
Verification checklist
- [ ] User can authenticate and perform the previously failing operation
- [ ] No more "no authentication provider found" errors in logs
Notes
Keep service principal onboarding instructions handy for automation and CI scenarios.