OpenAM / OPENAM-5690

Get an Access Token From SAML 2.0 on 12.0.0 uses grant type saml2-bearer, but TokenEndpoint is not defined in OAuth2Application

      Description

      On OpenAM 12, trying to implement: http://docs.forgerock.org/en/openam/latest/admin-guide/index/chap-oauth2.html#oauth2-sp-and-authz

      Returns error message:

      {"error":"unsupported_grant_type","error_description":"Grant type is not supported: urn:ietf:params:oauth:grant-type:saml2-bearer"}

      The root cause is that OAuth2Saml2GrantSPAdapter uses the grant type OAuth2Constants.SAML20.GRANT_TYPE_URI, which is defined as urn:ietf:params:oauth:grant-type:saml2-bearer,
      but OAuth2Application only defines the endpoint TokenEndpoint.JWT_BEARER, which is urn:ietf:params:oauth:grant-type:jwt-bearer

            People

            • Assignee:
              quentin.castel Quentin CASTEL [X] (Inactive)
              Reporter:
              nathalie.hoet Nathalie Hoet
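
The error in this report is raised before the assertion is ever examined, which is what separates it from a rejected assertion. The added example below (not OpenAM code and not part of the original report) models a token endpoint that dispatches on grant_type; the `routed` table, handler, sample assertion and `diagnose` labels are assumptions for illustration.

```python
import base64
import json
from urllib.parse import parse_qs, urlencode

SAML2_BEARER = "urn:ietf:params:oauth:grant-type:saml2-bearer"  # RFC 7522
JWT_BEARER = "urn:ietf:params:oauth:grant-type:jwt-bearer"      # RFC 7523

# Constructed stand-in for a SAML assertion; unsigned, illustration only.
SAMPLE_ASSERTION = b'<saml:Assertion ID="_constructed">...</saml:Assertion>'

def build_body(assertion_xml, client_id):
    """RFC 7522 token request body: assertion is base64url, no padding."""
    b64 = base64.urlsafe_b64encode(assertion_xml).rstrip(b"=").decode("ascii")
    return urlencode({"grant_type": SAML2_BEARER, "assertion": b64,
                      "client_id": client_id})

def saml2_handler(params):
    """Toy handler: only checks the assertion decodes to XML-looking bytes.
    A real server verifies signature, issuer, audience and validity window."""
    b64 = params.get("assertion", [""])[0]
    try:
        xml = base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4))
    except ValueError:
        xml = b""
    if not xml.startswith(b"<"):
        return 400, json.dumps({"error": "invalid_grant"})
    return 200, json.dumps({"access_token": "constructed-token",
                            "token_type": "Bearer"})

def token_endpoint(body, routed):
    """Toy endpoint (not OpenAM code) that dispatches on grant_type."""
    grant = parse_qs(body).get("grant_type", [""])[0]
    handler = routed.get(grant)
    if handler is None:
        return 400, json.dumps({
            "error": "unsupported_grant_type",
            "error_description": "Grant type is not supported: " + grant})
    return handler(parse_qs(body))

def diagnose(status, payload):
    """Separate a server routing gap from a problem with the assertion."""
    doc = json.loads(payload)
    if status == 200 and "access_token" in doc:
        return "ok"
    if doc.get("error") == "unsupported_grant_type":
        return "grant-type-not-routed"   # server side; assertion never examined
    if doc.get("error") == "invalid_grant":
        return "assertion-rejected"      # check signature, audience, expiry
    return "other"
```

Calling `token_endpoint(build_body(SAMPLE_ASSERTION, "client"), {JWT_BEARER: ...})` reproduces the error body quoted in the description; adding `SAML2_BEARER` to the table lets the same request reach the handler.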