"An error occurred during OAuth2 operation" while accessing the vRealize Orchestrator Control Center
Article ID: 319673
Updated On:
Products
VCF Operations/Automation (formerly VMware Aria Suite)
Issue/Introduction
Symptoms:
When you attempt to access VMware vRealize Orchestrator Control Center, you receive an error similar to:
An error occurred during OAuth2 operation. Please contact your administrator to resolve the issue.
( "error": "invalid_request", "error_description": "Must provide a valid redirection uri." )
An error occurred during OAuth2 operation. Please contact your administrator to resolve the issue.
( "error": "invalid_request", "error_description": "Must provide a valid redirection uri." )
Environment
VMware vRealize Automation 7.0.x
VMware vRealize Automation 7.2.x
VMware vRealize Automation 6.2.x
VMware vRealize Automation 7.4.x
VMware vRealize Automation Desktop 6.2
VMware vRealize Automation 6.x
VMware vRealize Automation 7.1.x
VMware vRealize Automation 6.2
VMware vRealize Automation 7.x
VMware vRealize Automation Desktop 6.2.x
VMware vRealize Orchestrator 7.3.x
VMware vRealize Automation 7.3.x
VMware vRealize Automation 7.2.x
VMware vRealize Automation 6.2.x
VMware vRealize Automation 7.4.x
VMware vRealize Automation Desktop 6.2
VMware vRealize Automation 6.x
VMware vRealize Automation 7.1.x
VMware vRealize Automation 6.2
VMware vRealize Automation 7.x
VMware vRealize Automation Desktop 6.2.x
VMware vRealize Orchestrator 7.3.x
VMware vRealize Automation 7.3.x
Cause
This issue occurs when some upgrade tasks related to vRealize Orchestrator's RBAC activation failed to process.
Resolution
This issue is resolved in VMware vRealize Automation 7.4, available at VMware Downloads.
To work around this issue:
- Snapshot or backup your environment before proceeding.
- Identify the main database node in your vRA HA environment and stop vco-server and vco-configurator services on all other nodes.
- Identify the main database node by navigating to VAMI UI > vRA Settings > Database tab.
- Log in to replica nodes through SSH and run these commands:
service vco-server stop
service vco-configurator stop
- Log in to vRA main node through SSH and run this command:
rm /etc/vco/app-server/vco-registration-id
- View or edit the /etc/vco/app-server/sso.properties configuration file.
If the property name com.vmware.o11n.sso.admin.group.name contains intervals or any other bash related special symbols, edit the file as:
- Copy the line with the property and put some simple string for value, for example AdminGroup.
-
Comment the original line with the property by adding # at the beginning of the line.
- Reconfigure the vco-service by running this command:
vcac-vami vco-service-reconfigure
- If you have changed the sso.properties file in step 4:
- Un-comment the original line containing the property com.vmware.o11n.sso.admin.group.name.
- Remove the newly added line with the temporary group name.
- Restart the vco-server service by running this command:
service vco-server restart
- Start/restart the vco-configurator service by running this command:
service vco-configurator restart - When all the services are registered, join the vRealize Automation replica nodes to the vRealize Automation main appliance to synchronize the vRealize Orchestrator configuration. For information, see “Reconfigure the Target Embedded vRealize Orchestrator to Support High Availability,” section of official product documentation.
Additional Information
To receive and be alerted when this article is updated, click Subscribe to Article in the Actions box.
Feedback
Yes
No
Powered by
