Tech Tip : CA Single Sign-On : Policy Server :: Google Authentication : An error response was sent from the Authorization Server. Error: invalid_grant

Discussion created by Patrick-Dussault Employee on Apr 17, 2018


We run Policy Server configured to login with Google, then the login
process fails and returns error :

[Cookies:{}] [Message: { "error" : "invalid_grant",
"error_description" : "Code was already redeemed." }]]

How can we solve that ?




You may experience this issue because the certificates on the CA
Single Sign-On side are not update.





1) In a command console where you have openssl installed, run the
below command to get this new root certificate

openssl s_client -connect -showcerts

Save the Root certificate for "CN=Google Internet Authority G3, O=Google Trust Services, C=US"

2) Import this root certificate in AdminUI as CA Authorities.

This will solve the issue.



KB : KB000091688