Layer7 API Management

rocessing request for service: auth/oauth/v2/authorize [/auth/oauth/v2/authorize]

2017-09-22T00:58:20.866-0400 INFO    305 com.l7tech.external.assertions.comparison.server.ServerComparisonAssertion: 7101: Comparison did not match: ${requireClientCert} is equal to true

2017-09-22T00:58:20.867-0400 INFO    305 com.l7tech.server.policy.assertion.ServerRegex: 6306: Failing because expression was not matched none|login|consent

2017-09-22T00:58:20.867-0400 INFO    305 com.l7tech.server.policy.assertion.ServerRegex: 6306: Failing because expression was not matched page|social_login|local

Hey Jazz,

As per error seems client id is not valid . Can you please confirm if you are getting this error in all the request ?

Also check the client id with consumer of the API .In case if client id  is configured in policy then please check and ensure you are correct value .

Thanks!
Prashant Srivastava

Hi Jaspreet,

What version of OTK are you using? Are you testing this through the OAuth test clients or custom client? The error indicates that the client id/secret are invalid. Firstly I would confirm this combo in the request matches what is registered in OAuth Manager.

The RegEx messages are only indicating a failure to find these parameters for OIDC.

Regards,

Joe

It should be noted that it was discovered recently that there is a 32 character recommended limit on the client ID and secret, which will help avoid a 128 character limit in the Authorization header -- and if you use the Authorization header in your request and it is above 128 characters, the same error message of "The given client credentials were not valid" may be seen.

I am currently writing a KB article on the topic and will put in the full URL once it is published.

Sincerely,

Dustin Dauncey
Sr Support Engineer, Global Customer Success
Email: Dustin.Dauncey@ca.com
Phone: +1 800 225 5224 ,48385
Phone if outside North America - https://tinyurl.com/CAContactSupport
CA API Management Community: https://tinyurl.com/CAAPIMCommunity