unable to login OAuth
search cancel

unable to login OAuth

book

Article ID: 270507

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

The environment has two appliance gateways in a cluster. One node has been stopped for troubleshooting purposes. There have been recent issues with this node. When the services are restarted, the gateway works and then later on it fails. There have been no modifications to the environment recently. 

Some of the errors say:

{ "error":"invalid_grant",

"error_description":"The given grant is invalid"}

The access token was retrieved by client via a callback to the authorization server based on the authorization code value returned (<AZ_CODE>) on the redirection back from the authorization server.

 

Environment

API Gateway 10.1 (appliance)

Cause

There were login problems and configuration issues with the JDBC connection for OAuth.

Both of the gateway node.properties files were pointing to the primary gateway's fully qualified hostname as the SSG DB. In Policy Manager, the OAuth connection was configured with localhost. The secondary node was not getting updated.

 

Resolution

Change the OAuth JDBC connection to the fully qualified hostname of the primary GW. It should be configured to use the same OTK DB.