SSO Deploy Service Broker Errand fails with "Error requesting access token"

Article ID: 293420


Updated On:

Products

Operations Manager

Issue/Introduction

When attempting to run the Deploy Single Sign-On errand, it fails with:
Updating service broker identity-service-broker as ...

FAILED

Server error, status code: 502, error code: 10001, message: Service broker error: Error requesting access token.


The identity-service-broker logs, in the system org and the identity-service-space space, show further details on the failure:

Caused by: org.springframework.web.client.HttpClientErrorException: 401 Unauthorized


Resolution

To resolve this issue, delete the sso-monolith client and rerun the Deploy Service Broker errand:
 
  1. uaac target https://login.<SYS.DOMAIN>
  2. Retrieve the UAA Admin Client Credentials, located in the TAS tile -> Credentials Tab
  3. uaac token client get admin -s <SECRET>, where <SECRET> is the password retrieved above.
  4. Run uaac clients, and verify that sso-monolith is in the list.
  5. Delete the client with uaac client delete sso-monolith
  6. Rerun the errand.
Rerunning the errand will add the client again with the correct credentials.
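
Steps 1 and 3 to 5 above as a guarded shell helper. This is an added example, not code from the article or the vendor. The function names and the UAA_ADMIN_SECRET variable are assumptions, as is the expectation that `uaac clients` prints each client name alone on its own line.

```shell
#!/bin/sh
# Added example: steps 1 and 3-5 of the article, with guards. Not vendor code.
# Assumptions: the function names, the UAA_ADMIN_SECRET variable, and that
# `uaac clients` prints each client name alone on a line.

CLIENT="sso-monolith"

# Succeeds only if stdin has a line that is exactly the client name
# (surrounding whitespace allowed), so similarly named clients do not match.
client_listed() {
  grep -Eqx "[[:space:]]*$1[[:space:]]*"
}

# Steps 1 and 3. $1 is the system domain. The secret comes from
# UAA_ADMIN_SECRET or a no-echo prompt, so it is not typed into shell history.
uaa_login() {
  sys_domain="$1"
  secret="${UAA_ADMIN_SECRET:-}"
  [ -n "$sys_domain" ] || { echo "usage: uaa_login <SYS.DOMAIN>" >&2; return 2; }
  if [ -z "$secret" ]; then
    printf 'UAA admin client secret: ' >&2
    stty -echo; read -r secret; stty echo; echo >&2
  fi
  uaac target "https://login.${sys_domain}" || return 1
  uaac token client get admin -s "$secret" || return 1
}

# Steps 4 and 5: delete the client only if it is listed by exact name,
# then confirm it no longer appears.
delete_sso_client() {
  listing="$(uaac clients)" || { echo "uaac clients failed; check the admin token" >&2; return 1; }
  if ! printf '%s\n' "$listing" | client_listed "$CLIENT"; then
    echo "$CLIENT is not in the client list; nothing deleted" >&2
    return 3
  fi
  uaac client delete "$CLIENT" || return 1
  if uaac clients | client_listed "$CLIENT"; then
    echo "$CLIENT is still listed after the delete" >&2
    return 4
  fi
  echo "$CLIENT deleted; rerun the errand (step 6)"
}

# Usage, after sourcing this file:
#   uaa_login <SYS.DOMAIN> && delete_sso_client
```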