An NPE is thrown (see debug.txt) after an invalid value is entered for "The SAML2 issuer Id" in the STS Instance configuration. There should be a proper error message instead. Unverified input can be a cause of security problems.
- Configure the IDP and SP in the standard scenario
- Configure STS on the server with the SP (https://backstage.forgerock.com/knowledge/kb/book/b93241706/a33982583)
- Configure OAuth2 on the server with the SP
- Get an access_token using the saml2-bearer grant_type (see attached 4448.sh):
  a) Get IPlanetDirectoryPro for the OAuth user
  b) Request a SAML assertion from STS
  c) Get an OAuth access token using grant-type=saml2-bearer
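
An added example, not part of the original report or of 4448.sh: a client-side check for step c that rejects a missing, blank or unexpected `<saml:Issuer>` with a readable error before building the RFC 7522 token request body. It assumes the STS "SAML2 issuer Id" setting becomes the assertion's Issuer; the sample assertion, the expected issuer URL and the `client_id` value are constructed.

```python
import base64
import urllib.parse
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
GRANT_TYPE = "urn:ietf:params:oauth:grant-type:saml2-bearer"  # RFC 7522

# Constructed sample assertion (unsigned, trimmed); not output from a real STS.
SAMPLE_ASSERTION = (
    '<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
    'ID="_constructed" Version="2.0" IssueInstant="2020-01-01T00:00:00Z">'
    '<saml:Issuer>https://idp.example.com/openam</saml:Issuer>'
    '<saml:Subject><saml:NameID>demo</saml:NameID></saml:Subject>'
    '</saml:Assertion>'
)


def assertion_issuer(assertion_xml):
    """Return the Issuer text, or raise ValueError with a readable message."""
    try:
        root = ET.fromstring(assertion_xml)
    except ET.ParseError as exc:
        raise ValueError(f"assertion is not well-formed XML: {exc}") from exc
    if root.tag != f"{{{SAML_NS}}}Assertion":
        raise ValueError("root element is not a SAML 2.0 Assertion")
    issuer = root.find(f"{{{SAML_NS}}}Issuer")
    # Report a missing or blank Issuer explicitly instead of letting a
    # None value be dereferenced further down the flow.
    if issuer is None or not (issuer.text or "").strip():
        raise ValueError("assertion has no Issuer value")
    return issuer.text.strip()


def build_token_request(assertion_xml, expected_issuer, client_id):
    """Validate the issuer, then build the saml2-bearer token request body."""
    issuer = assertion_issuer(assertion_xml)
    if issuer != expected_issuer:
        raise ValueError(f"unexpected Issuer {issuer!r}")
    # RFC 7522 requires the assertion to be base64url-encoded.
    encoded = base64.urlsafe_b64encode(assertion_xml.encode("utf-8")).decode("ascii")
    return urllib.parse.urlencode(
        {"grant_type": GRANT_TYPE, "assertion": encoded, "client_id": client_id}
    )
```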