AnsweredAssumed Answered

Federation OAuth sendUserInformationRequest failing - sent as query and not header?

Question asked by kmwhiteley on May 17, 2018
Latest reply on May 18, 2018 by masvi10
How do we specify that the OAuth sendUserInformationRequest requests be sent using headers instead of a query?
Both WAOP 12.52 SP1 and CA Access Gateway 12.8 appear to be sending the OAuth sendUserInformationRequest requests to our User Information Service URL with the bearer token in the query instead of in the header. Azure AD is returning a "400 Bad Request" error for both WAOP and Access Gateway.
Support Authorization Header is set to Yes in our Partnership.
I replicated using curl:
curl -v -k -X GET https://login.microsoftonline.com/{tenant}/openid/userinfo?access_token={access_token}
400 Bad Request
curl -v -k -H "Authorization: Bearer {access_token}" -X GET https://login.microsoftonline.com/{tenant}/openid/userinfo
200 OK

Outcomes