Environment
NetIQ Access Manager 4.2
NetIQ Access Manager 4.2 Mobile Access
NetIQ Access Manager 4.2 Mobile Access
Situation
- Access Manager has been upgraded from version 4.1 SP1 to NAM 4.2
- Mobile Access has been configured using default settings
- User trying to authenticate receive a "invalid_grant. authorization code expired" error.
Resolution
- The AOuth & OpenID Connect Global Settings have been configured with an "Authorization Code Timeout" value of "0" (default 3 minutes)
- The Authorization Grant LDAP Attribute which has been configured does not exist in the configured userstore
Additional Information
NetIQ Mobile Access make use of the OAuth protocol. In order to get some more details about the reported error the following NIDP cluster logging options have been enbled:
Enable File Logging
Echo To Console,
Component File logger Levels:
Application: = "debug"
OAuth & OpenID Connect: = "debug"
Enable File Logging
Echo To Console,
Component File logger Levels:
Application: = "debug"
OAuth & OpenID Connect: = "debug"