After upgrade to AuthHub 2.2 SiteMinder - AuthHub authentication flow failed with HTTP Status 500 error
search cancel

After upgrade to AuthHub 2.2 SiteMinder - AuthHub authentication flow failed with HTTP Status 500 error

book

Article ID: 278609

calendar_today

Updated On:

Products

VIP Authentication Hub SITEMINDER

Issue/Introduction

After upgrade from 2.1.5 to 2.2, SiteMinder - AuthHub authentication flow failed with HTTP Status 500 error. AuthHub's Kibana log shows "There are no obligations to request, returning AUTH_DENIED" error message.

The SiteMinder - AutHub flow was working before upgrade (in 2.1.5).
Application is set to ZFP mode and  isInlineEnrollmentAllowed is set to false, isAutoEnrollmentAllowed is set to true in Tenant's settings.

AuthHub didn't pick up email/phone_number claims at the root level of ID Token Hint, hence there is no obligations found.

Environment

VIP AuthHub 2.2

Cause

With userData section presents in ID Token Hint, the regular email/phone_number claims at the root level are NOT picked up even if the userData does not contain equivalent key/value.

Resolution

This issue is fixed in AuthHub 2.2.3. With 2.2.3, the "email" and "phone_number" will be taken from UserData section in ID Token Hint if available there, and if not, from the simple claims at the root level.
Please upgrade AuthHub to resolve this problem.

Powered by Wolken Software