Reference13r3:Services/OAuth2/State: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
Line 25: | Line 25: | ||
= TroubleShooting = | = TroubleShooting = | ||
>State: OpenID configuration not compatible, refetching configuration after a timeout | |||
>No OpenID configuration retrieved yet! Check the OpenID URL and/or your network settings and if the OpenID server certificate is trusted! | |||
This happens when the config file is not received/fetch at all by the Gateway so possible problems: | |||
- DNS not solving correctly | |||
- No connectivity to the target URL | |||
- The Gateway doesn't Trust the certificate of the Web URL. |
Revision as of 14:48, 21 February 2024
This page shows the state of the OpenId configuration and information that is useful for tracking down problems with the configuration.
- State
- The state of the connection. Possible values are
- disabled
- configuration incomplete
- fetching configuration from OpenID server
- OpenID configuration not compatible, refetching configuration after a timeout
- OpenID configuration compatible
- OpenId configuration elements
- Authorization endpoint: URI which is used to login in myApps
- JWKS URI: URI which is used to fetch neccessary keys to verify the id_token signature
- Support for id_token response type: the response type id_token must be supported
- Support for id_token signing algorithm RS256: the id_token signing algorithm RS256 must be used
- Support for response mode form_post: the response mode form_post must be supported
- Support for upn claim: the upn claim must be returned within the id_token
- Support for unique-name claim: the unique-name claim must be returned within the id_token
- Support for nonce claim: the nonce claim must be returned within the id_token
- OpenId keys
- a list of keys which can be used to verify the signature of an id_token
- kid
- x5t
- n
- e
TroubleShooting
>State: OpenID configuration not compatible, refetching configuration after a timeout >No OpenID configuration retrieved yet! Check the OpenID URL and/or your network settings and if the OpenID server certificate is trusted!
This happens when the config file is not received/fetch at all by the Gateway so possible problems:
- DNS not solving correctly - No connectivity to the target URL - The Gateway doesn't Trust the certificate of the Web URL.