Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-13744

IDM 6.0 with AM OIDC integration /openidm/authentication?_action=login sends empty headers X-OpenIDM-Username/X-OpenIDM-Password

    Details

    • Support Ticket IDs:
    • Zendesk ID:
      42439

      Description

      With IDM/AM OIDC integration, openidm/authentication?_action=login is sent with headers

      X-OpenIDM-DataStoreToken: eyJ0e...
      X-OpenIDM-NoSession: false
      X-OpenIDM-OAuth-Login: true
      X-OpenIDM-Password:	
      X-OpenIDM-Username:	
      

      Since it uses X-OpenIDM-DataStoreToken, X-OpenIDM-Password and X-OpenIDM-Username are not needed. In fact, these two headers are no longer in IDM 6.5.

      X-OpenIDM-DataStoreToken: eyJ0e...
      X-OpenIDM-NoSession: false
      X-OpenIDM-OAuth-Login: true
      

      The issue with empty X-OpenIDM-Username and X-OpenIDM-Password is WAF blocks such packets.

        Attachments

          Activity

            People

            • Assignee:
              matthias.grabiak Matthias Grabiak
              Reporter:
              yinyan.cao Yinyan Cao
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: