OIDC Client Application throws error failing to retrieve access_token from SiteMinder Authorization Provider

search cancel

OIDC Client Application throws error failing to retrieve access_token from SiteMinder Authorization Provider

book

Article ID: 395909

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign-On CA Single Sign On Federation (SiteMinder)

Issue/Introduction

In a new deployment, OIDC client can retrieve the code but when submiting the code via backchannel it fails to receive access_token and instead HTML code was returned.

Cause

Authorization Provider's endpoints were protected.

/affwebservices/CASSO/oidc/<Client>/authorize

As this is protected, the OIDC Client submitting code to the endpoint will be receiving HTTP 302 redirect and not the token.

Resolution

Configure the Authentication URL and that should be protected.

OIDC endpoints URL must not be protected.

Feedback

thumb_up Yes

thumb_down No