Integration of the external OIDC Identity provider with VIP AuthHub 3.2.1 version fails
search cancel

Integration of the external OIDC Identity provider with VIP AuthHub 3.2.1 version fails

book

Article ID: 377457

calendar_today

Updated On:

Products

VIP Authentication Hub

Issue/Introduction

When integrating the external OIDC Identity provider with AuthHub either an IdP as a factor or BYOI flow, the /token call to the external IDP fails. The 'Test IDP' functionality in the AuthHub Admin Consoles also fails.

The log message shown in the azserver POD is:

The Response from idp <IDP NAME>, idpID<IDP ID> could not be verified due to token endpoint<Token Endpoint> , is down for the OpenID Provider<IDP NAME>

 

Environment

VIP Authentication Hub 3.2.1

Cause

This is happening because the read timeout value is being considered as microseconds and not milliseconds.

Resolution

To prevent the failure, this workaround can be used to address this issue.

In the Identity provider configuration increase the current value of read timeout multiplied by 1000 (add 3 zeros).

 

We will update the KB when a fix becomes generally available and the read timeout can be converted back to a milliseconds value.