Environment
IDM Roles Based Provisioning Module 4.5
UserApplication
One SSO Provider 5.x, 6.x
Situation
All
IDM 4.5 Apps deploy correctly after installation, as is seen in catalina.out.
However, when accessing links like /IDMProv and /landing, there are clear OSP
errors. Most commonly, is seeing the below error when accessing /IDMProv -
Resolution
While
the above error could be related to many things, in this particular scenario
the osp-idm.*.log (* being the current date) indicated the following error
"Client "redirect_uri" did not validate against registered
urls!":
You can find this log in the same directory as catalina.out, the following are default locations -
Linux - /opt/netiq/idm/apps/tomcat/logs
Windows - C:\netiq\idm\apps\tomcat\logs
To resolve this issue, please confirm your OSP redirect url settings that can be found in the ./configupdate.sh (or ./configupdate.bat) file. Navigate to the "SSO Clients" tab. In each of these sections, verify the entry for "OSP Oauth redirect url." Make sure none of them are set to localhost, and make sure they are either all IP address, or all Hostname. Also make sure that all information that proceeds after the Hostname (and port, if applicable) can be left alone.
The below image points out settings you should confirm.
