Uploaded image for project: 'ForgeRock IoT'
  1. ForgeRock IoT
  2. THINGS-27

Requesting tokens and config fails when using SSL termination

    XMLWordPrintable

    Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 7.0.0
    • 7.1.0
    • SDK
    • None
    • 2020.13 - IoT - Altocumulus

      Description

      Bug description

      Requesting an access token or configuration fails when using things on ForgeOps.

      Any request made to the `/things` endpoint fails with an "invalid request" error when SSL is terminated at the load balancer/ingress.

      How to reproduce the issue

      The issue can be seen when Things are enabled for the Identity Platform with ForgeOps.

      Work around

      No workaround is available.

      Code analysis

      This is due to the JWT Proof of Possession audience validation that occurs in AM when a PoP restricted SSO token is used for a request.

        Attachments

          Issue Links

            Activity

              People

              jaco.jooste Jaco Jooste
              jaco.jooste Jaco Jooste
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: