31.11 Troubleshooting OAuth and OpenID Connect

This section discusses the following issues and workaround:

Section 31.11.1, The OAuth Tokens Are in Binary Format Instead of JWT Format
Section 31.11.2, Users Cannot Register a Client Application
Section 31.11.3, Token Exchanges Show Redirect URI Invalid Error
Section 31.11.4, Users Cannot Register or Modify a Client Application with Specific Options
Section 31.11.5, A Specific Claim Does Not Come to the UserInfo Endpoint during Claims Request
Section 31.11.6, Access Gateway OAuth Fails
Section 31.11.7, After Allowing Consent, 500 Internal Server Error Occurs
Section 31.11.8, The Access Token Does Not Get Exchanged with Authorization Code When Using a Multi-Node Identity Server Cluster
Section 31.11.9, No Error Message When a Token Request Contains Repetitive Parameters
Section 31.11.10, OAuth Token Encryption/Signing Key Is Compromised or Corrupted
Section 31.11.11, Tracing OAuth Requests
Section 31.11.12, OAuth Client Registration Fails If a Role Policy Contains a Condition Other than LDAP Attribute, LDAP Group, or LDAP OU
Section 31.11.13, The Identity Injection Policy Does Not Inject Passwords
Section 31.11.14, OAuth Apps Fail After Upgrading Access Manager