Unable to execute OIDC flow : Access token endpoint invocation failed : {ErrorMessage=Response status : 301 Moved Permanently, statuscode=301}
Hi All,
I am looking for how to fix this problem regarding the OIDC flow.
My IDP is Keycloak, which is behind a RP Nginx.
The redirect to the Keycloak authentication page is done and the authorization code is raised, but when Pega tries to get the token through the /auth URI, it fails!
It looks like Pega doesn't authorize 3xx statuses when it tries the token phase; maybe it's a security requirement?
I set the debug log on the Pega oidcclienthandler; below is the stack trace:
H0V4N8XUW63N06646026YLW07V0Y2CGSDA - Initiating OIDC flow
H0V4N8XUW63N06646026YLW07V0Y2CGSDA - Constructing authorization URL for OIDC provider
H0V4N8XUW63N06646026YLW07V0Y2CGSDA - reqContextURI = https://xxxxx.pegacloud.net/prweb/PRAuth/app/sand-boxadi
H0V4N8XUW63N06646026YLW07V0Y2CGSDA - reqContextUriTokens[0] = https://xxxxx.pegacloud.net/prweb/PRAuth
H0V4N8XUW63N06646026YLW07V0Y2CGSDA - reqContextUriTokens[1] = sand-boxadi
H0V4N8XUW63N06646026YLW07V0Y2CGSDA - tenantHash =
H0V4N8XUW63N06646026YLW07V0Y2CGSDA - reqContextURI = https://xxxxx.pegacloud.net/prweb/PRAuth
H0V4N8XUW63N06646026YLW07V0Y2CGSDA - Constructed authorization URL for OIDC provider : https://xxx-rpnginx/keycloack/auth/realms/Maestro/protocol/openid-connect/auth/?redirect_uri=https%3A%2F%2Fxxxxx.pegacloud.net%2Fprweb%2FPRAuth&client_id=pega&scope=openid&state=06d2231f2e7574226339ea48969622d62fac95038a8bce18b0050b44178ff690_app/sand-boxadi&nonce=f2a56c6892e685ad51867a7297808458e8cf315f7af95d1b6e29028757bd14ae&response_type=code
H0V4N8XUW63N06646026YLW07V0Y2CGSDA - Processing authorization code recieved from OIDC provider
H0V4N8XUW63N06646026YLW07V0Y2CGSDA - reqContextURI = https://xxxxx.pegacloud.net/prweb/PRAuth/app/sand-boxadi
H0V4N8XUW63N06646026YLW07V0Y2CGSDA - reqContextUriTokens[0] = https://xxxxx.pegacloud.net/prweb/PRAuth
H0V4N8XUW63N06646026YLW07V0Y2CGSDA - tenantHash =
H0V4N8XUW63N06646026YLW07V0Y2CGSDA - reqContextURI = https://xxxxx.pegacloud.net/prweb/PRAuth
H0V4N8XUW63N06646026YLW07V0Y2CGSDA - StateParam Validation is successful
H0V4N8XUW63N06646026YLW07V0Y2CGSDA - Fetching access token using authCode received
H0V4N8XUW63N06646026YLW07V0Y2CGSDA - Exception is thrown for OIDC flow com.pega.pegarules.pub.PRRuntimeException: Access token endpoint invocation failed : {ErrorMessage=Response status : 301 Moved Permanently, statuscode=301}
Regards.
***Edited by Moderator Marije to add Support Case Details***