OpenAM / OPENAM-4344

OAuth2 SAML bearer grant does not work

      Description

      The SP adapter does not pass the realm to the access_token endpoint; only client_id, grant_type and assertion are sent.

      The user has set up the SAML 2.0 bearer assertion profile for OAuth 2.0 under a sub-realm. IDP-initiated single sign-on succeeds, but the /access_token endpoint returns:

      {"error_description":"Client authentication failed","error":"invalid_client"}

      EDIT:

      The SAML 2.0 bearer was not bound. This issue also affected the top realm. The current fix only binds the SAML bearer, which solves the issue on the top realm. However, the issue still exists on the realm: see OPENAM-6552

              People

              • Assignee:
                quentin.castel Quentin CASTEL [X] (Inactive)
                Reporter:
                javed.shah Javed Shah