Symptoms
Task Provisioning "tenant" for APS application
fails with the output:
APS Application Error:
403 Forbidden
Authentication Failed.
In /var/log/pa/core.log
the following error can be found:
Jan 01 12:34:56.548 : ERR [rest:498194 1:28305:7f46d0ff9700 SAAS 891515535]: [ initResourceOwnerSecurityContext] Resource selected for impersonation does not belong to the requesting application.
Jan 01 12:34:56.548 : DBG [rest:498194 1:28305:7f46d0ff9700 lib 891515535]: [ initResourceOwnerSecurityContext] {module_id="APSManager"; code="53"} Authentication failed.
Cause
Wrong configuration of the Service Template for the subscription.
Resolution
Check that resources of Service Template belong to the same APS instance of the APS Application. Remove resources of the different APS instance and resubmit the failed task.