Difference in error messages - OTK 4.6.1

Article ID: 271760

Products

CA API Gateway

Issue/Introduction

After upgrading from OTK 4.4 to OTK 4.6.1, we observe during testing that the error messages reported by OTK 4.6.1 differ from those reported by OTK 4.4.

When an incorrect redirect URI is provided during the OAuth flow, the response from the Gateway in OTK 4.4 was:
<p><b>error: </b>invalid_redirect_uri<br/><b>error_description: </b>One or more redirect_uri
values are invalid. Given: 'testURI'</p>
 
With OTK 4.6.1 it has changed to:
 
<p><b>error: </b>invalid_client_metadata<br/><b>error_description: </b>One or more redirect_uri
       values are invalid. Given: 'testURI'</p>
 
This new error code/message "invalid_client_metadata" is not among the error codes published online for OTK 4.6:
 
https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-6/apis-and-assertions/error-codes.html

Environment

CA API Gateway, version 10.1, OTK 4.6.1

Resolution

According to engineering, this was changed as part of OpenID compliance.

We will review this and update it if needed in a future release.

If you would like to keep the original message for a wrong redirect URL, you can make the following change using OTK Customization.

 

Steps:

1- Copy the block below from OTK Fail with error message

https://api-broadcom-ca.wolkenservicedesk.com/attachment/get_attachment_content?uniqueFileId=iSjRFgcX+gv6DBTDLULWTg==

2- Paste the block within #policy - #OTK Fail with error message as shown below

https://api-broadcom-ca.wolkenservicedesk.com/attachment/get_attachment_content?uniqueFileId=UsqlHSE9+MD8kpFK7SgiAg==

3- Update the error message in the #policy to invalid_redirect_uri in the variable error.msg

https://api-broadcom-ca.wolkenservicedesk.com/attachment/get_attachment_content?uniqueFileId=7pjJ140nqi7AyIIUlLAD0A==

4- Save & Activate the #policy

The original error message is now returned.
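
For clients or regression tests that match on the error code, the following added example (not Broadcom's code and not part of the original article) parses the HTML error body quoted above and recognizes a rejected redirect_uri under either code. The function names and the rule that the description must mention redirect_uri are assumptions.

```python
import html
import re

# Layout of the HTML error body as quoted in this article (same in 4.4 and 4.6.1).
ERROR_BODY = re.compile(
    r"<b>error:\s*</b>(?P<error>.*?)<br\s*/?>\s*"
    r"<b>error_description:\s*</b>(?P<description>.*?)</p>",
    re.IGNORECASE | re.DOTALL,
)

# Assumption: the newer code is broader than redirect_uri problems, so the
# description is checked as well before treating the two codes as equivalent.
REDIRECT_URI_CODES = {"invalid_redirect_uri", "invalid_client_metadata"}


def _clean(text):
    """Decode HTML entities and collapse line breaks and indentation."""
    return " ".join(html.unescape(text).split())


def parse_otk_error(body):
    """Return (error, error_description) from the error body, or None."""
    match = ERROR_BODY.search(body)
    if match is None:
        return None
    return _clean(match["error"]), _clean(match["description"])


def is_redirect_uri_rejection(body):
    """True when the Gateway rejected the redirect_uri, under either code."""
    parsed = parse_otk_error(body)
    if parsed is None:
        return False
    error, description = parsed
    return error in REDIRECT_URI_CODES and "redirect_uri" in description


# Sample bodies copied from the two responses quoted in this article.
OTK_44 = ("<p><b>error: </b>invalid_redirect_uri<br/><b>error_description: </b>"
          "One or more redirect_uri\nvalues are invalid. Given: 'testURI'</p>")
OTK_461 = ("<p><b>error: </b>invalid_client_metadata<br/><b>error_description: </b>"
           "One or more redirect_uri\n       values are invalid. Given: 'testURI'</p>")

if __name__ == "__main__":
    for version, body in (("4.4", OTK_44), ("4.6.1", OTK_461)):
        print(version, parse_otk_error(body), is_redirect_uri_rejection(body))
```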