REST HTTP 401 Errors after successful login to OSP

  • 7024397
  • 31-Jan-2020
  • 30-Mar-2020

Environment

Identity Manager 4.7.3

Situation

  • Identity Manager 4.7 Identity Applications were installed
  • Identity Manager 4.7.3 Identity Applications were installed
  • Identity Manager was configured with the Identity Manager 4.7 configure script
  • The user is able to successfully log in to OSP.
  • The user gets a spinning circle icon and the developer mode details show HTTP 401 errors when making REST calls to Identity Manager

Resolution

Add the following values to the ism-configuration.properties file and restart Tomcat:

com.netiq.idm.osp.oauth.issuer = ${com.netiq.idm.osp.url.host}/osp/a/idm/auth/oauth2
com.netiq.idm.osp.oauth.access-token-format.format = jwt
com.netiq.idm.osp.oauth.attr.roles.maxValues = 1
com.netiq.idm.osp.oauth.dn = name
com.netiq.idm.osp.oauth.first.name = first_name
com.netiq.idm.osp.oauth.last.name = last_name
com.netiq.idm.osp.oauth.initials = initials
com.netiq.idm.osp.oauth.email = email
com.netiq.idm.osp.oauth.language = language
com.netiq.idm.osp.oauth.cacheable = cacheable
com.netiq.idm.osp.oauth.expiration = expiration
com.netiq.idm.osp.oauth.auth.src.id = auth_src_id
com.netiq.idm.osp.oauth.client = client
com.netiq.idm.osp.oauth.txn = txn
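
To see which of these properties are absent before editing the file, the following check can be used. It is an added example, not part of the original article or of any NetIQ tooling. The function name missing_osp_keys is hypothetical, the path to ism-configuration.properties is passed as an argument, and the matching assumes simple single-line "key = value" entries.

```shell
#!/bin/sh
# Added example: list the properties from this article's Resolution section
# that have no uncommented entry in an ism-configuration.properties file.

# Keys copied from the Resolution section above.
REQUIRED_KEYS='com.netiq.idm.osp.oauth.issuer
com.netiq.idm.osp.oauth.access-token-format.format
com.netiq.idm.osp.oauth.attr.roles.maxValues
com.netiq.idm.osp.oauth.dn
com.netiq.idm.osp.oauth.first.name
com.netiq.idm.osp.oauth.last.name
com.netiq.idm.osp.oauth.initials
com.netiq.idm.osp.oauth.email
com.netiq.idm.osp.oauth.language
com.netiq.idm.osp.oauth.cacheable
com.netiq.idm.osp.oauth.expiration
com.netiq.idm.osp.oauth.auth.src.id
com.netiq.idm.osp.oauth.client
com.netiq.idm.osp.oauth.txn'

# missing_osp_keys FILE (hypothetical helper name)
# Prints every required key that has no "key = value" or "key: value" line.
# Lines starting with "#" are comments and do not count.
# Returns 0 if all keys are present, 1 if any is missing, 2 if FILE is unreadable.
missing_osp_keys() {
    file=$1
    [ -r "$file" ] || { echo "cannot read: $file" >&2; return 2; }
    missing=0
    for key in $REQUIRED_KEYS; do
        # Escape the dots so the key is matched literally, not as a regex.
        pattern=$(printf '%s' "$key" | sed 's/\./\\./g')
        if ! grep -Eq "^[[:space:]]*${pattern}[[:space:]]*[=:]" "$file"; then
            echo "$key"
            missing=1
        fi
    done
    return $missing
}

# Run against the file given on the command line, if any.
if [ "$#" -gt 0 ]; then
    missing_osp_keys "$1"
fi
```

Any key it prints needs the corresponding line from the list above added before Tomcat is restarted.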

Cause

The Identity Manager 4.7.3 install expects Identity Manager Identity Applications to already be configured. The install adds required values to the ism-configuration.properties file. The correct order for an install is:

  • Install Identity Manager 4.7 Identity Applications
  • Configure Identity Manager Identity Applications with the configure.sh script
  • Install Identity Manager 4.7.3 Identity Applications