Invalid OAuth2 request when accessing SSPR

  • 7016967
  • 05-Nov-2015
  • 05-Nov-2015

Environment

Identity Manager 4.5
Identity Applications 4.5
Self Service Password Reset 3.3
SSPR 3.3
Application server is configured with SSL/HTTPS

Situation

When accessing SSPR, before being prompted for authentication, the user is presented with an error which reads:
“An invalid OAuth2 request was received”
 
This error may also occur after logging in to the dashboard or landing pages and being redirected to SSPR.
This could also be seen for the other identity applications if a similar error is made in the configuration.

Resolution

Run configupdate and click on the SSO Clients tab.
Ensure that, for the Identity Application in question, the OSP OAuth redirect URL parameter uses the protocol, host, domain, and port that users will actually use to reach it.
Update the server information as needed.
Restart your application server.
The path information is crucial and should be as shown below for SSPR.

Cause

The problem is that OSP must be using the URL that is presented in the user’s browser. If you have enabled SSL/TLS/HTTPS and are running on the standard port of 443, browsers will remove the port number from the request.
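
The comparison described in the Resolution and Cause sections can be checked offline. The following is an added example, not part of the original article or of the product: it compares a configured redirect URL with the URL seen in the user's browser and also flags a default port written out explicitly. The host name, the path, and the rule that treats an explicit :443 as a mismatch are assumptions for illustration.

```python
from urllib.parse import urlsplit, urlunsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def _effective_port(parts):
    # Port actually used on the wire: explicit port, else the scheme default.
    return parts.port or DEFAULT_PORTS.get(parts.scheme.lower())


def browser_form(url):
    """Return url as a browser presents it: lower-case scheme and host,
    with the scheme's default port removed."""
    p = urlsplit(url)
    scheme = p.scheme.lower()
    host = p.hostname or ""
    if ":" in host:                      # IPv6 literal needs its brackets back
        host = f"[{host}]"
    if p.port is not None and p.port != DEFAULT_PORTS.get(scheme):
        host = f"{host}:{p.port}"
    return urlunsplit((scheme, host, p.path, p.query, ""))


def check_redirect(configured, observed):
    """List (component, configured, observed) mismatches between the redirect
    URL entered in configupdate and the URL seen in the user's browser."""
    c, o = urlsplit(configured), urlsplit(observed)
    findings = []
    if c.scheme.lower() != o.scheme.lower():
        findings.append(("protocol", c.scheme, o.scheme))
    if c.hostname != o.hostname:
        findings.append(("host", c.hostname, o.hostname))
    if _effective_port(c) != _effective_port(o):
        findings.append(("port", _effective_port(c), _effective_port(o)))
    if c.path != o.path:
        findings.append(("path", c.path, o.path))
    # Same endpoint, but not written the way the browser will send it
    # (assumption: an explicit :443 on an https URL counts as a mismatch).
    if not findings and configured != browser_form(configured):
        findings.append(("form", configured, browser_form(configured)))
    return findings


if __name__ == "__main__":
    # Constructed sample values; host and path are placeholders.
    seen = "https://idm.example.com/sspr/EXAMPLE-PATH"
    for cfg in ("http://idm.example.com:8080/sspr/EXAMPLE-PATH",
                "https://idm.example.com:443/sspr/EXAMPLE-PATH",
                seen):
        print(cfg, "->", check_redirect(cfg, seen) or "OK")
```

An empty result means the configured value already matches what the browser presents; a "form" finding shows the value to enter instead.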