NAM 4.2 Error: " Invalid Scopes: read_stream" logging into Identity Server via Facebook

  • 7017207
  • 29-Jan-2016
  • 29-Jan-2016

Environment

NetIQ Access Manager 4.1
NetIQ Access Manager 4.2

Situation

Set up a new app in Facebook on the 2.5 API and after configuring the social auth class and logging in via Facebook, users get the following error:

Invalid Scopes: read_stream. This message is only shown to developers. Users of your app will ignore these permissions if present. Please read the documentation for valid permissions at: https://developers.facebook.com/docs/facebook-login/permissions

Facebook have deprecated the read_stream permission, only granting it to a very select few applications and any apps created using the 2.5 APIs will see this error. Apps created using older APIs will continue to work fine.


Resolution

Fix will be included in 4.2 SP1. For those needing a fix before this, download the socialauth-4.10.jar file from http://mvnrepository.com/artifact/org.brickred/socialauth/4.10 and

- copy it to /opt/novell/nam/idp/webapps/nidp/WEB-INF/lib/ directory of Identity Server
- remove the old socialauth-4.x.jar file from the directory (where x depends on the version of NAM installed)
- restart the IDP server with rcnovell-idp restart

Feedback service temporarily unavailable. For content questions or problems, please contact Support.