NAM 4.2 Error: " Invalid Scopes: read_stream" logging into Identity Server via Facebook

  • 7017207
  • 29-Jan-2016
  • 29-Jan-2016


NetIQ Access Manager 4.1
NetIQ Access Manager 4.2


Set up a new app in Facebook on the 2.5 API and after configuring the social auth class and logging in via Facebook, users get the following error:

Invalid Scopes: read_stream. This message is only shown to developers. Users of your app will ignore these permissions if present. Please read the documentation for valid permissions at:

Facebook have deprecated the read_stream permission, only granting it to a very select few applications and any apps created using the 2.5 APIs will see this error. Apps created using older APIs will continue to work fine.


Fix will be included in 4.2 SP1. For those needing a fix before this, download the socialauth-4.10.jar file from and

- copy it to /opt/novell/nam/idp/webapps/nidp/WEB-INF/lib/ directory of Identity Server
- remove the old socialauth-4.x.jar file from the directory (where x depends on the version of NAM installed)
- restart the IDP server with rcnovell-idp restart