Reference13r3:Services/OAuth2/State
Jump to navigation
Jump to search
This page shows the state of the OpenId configuration and information that is useful for tracking down problems with the configuration.
- State
- The state of the connection. Possible values are
- disabled
- configuration incomplete
- fetching configuration from OpenID server
- OpenID configuration not compatible, refetching configuration after a timeout
- OpenID configuration compatible
- OpenId configuration elements
- Authorization endpoint: URI which is used to login in myApps
- JWKS URI: URI which is used to fetch neccessary keys to verify the id_token signature
- Support for id_token response type: the response type id_token must be supported
- Support for id_token signing algorithm RS256: the id_token signing algorithm RS256 must be used
- Support for response mode form_post: the response mode form_post must be supported
- Support for upn claim: the upn claim must be returned within the id_token
- Support for unique-name claim: the unique-name claim must be returned within the id_token
- Support for nonce claim: the nonce claim must be returned within the id_token
- OpenId keys
- a list of keys which can be used to verify the signature of an id_token
- kid
- x5t
- n
- e
TroubleShooting
State: OpenID configuration not compatible, refetching configuration after a timeout No OpenID configuration retrieved yet! Check the OpenID URL and/or your network settings and if the OpenID server certificate is trusted!
This happens when the config file is not received/fetch at all by the Gateway so possible problems:
- DNS not solving correctly - No connectivity to the target URL - The Gateway doesn't Trust the certificate of the Web URL.