Support Article
Error on redirecting to Pega during authentication
Summary
OAuth 2.0 authentication is used to authenticate with an external application with Grant Type as Authorization Code. The Callback (Redirect) URL that Pega generates is configured on the external application. However, error displays on the browser on redirecting to Pega during the authentication.
Error Messages
Caused by: pub.PRRuntimeException: Unable to obtain access token for client details in authentication profile
configured. Please check the logs for more details.
at integration.engine.internal.client.oauth2.OAuth2ClientImpl.getAccessToken(OAuth2ClientImpl.java:1106)
at generated.activity.ra_action_pzgetaccesstoken
.step3_circum0(ra_action_pzgetaccesstoken_java:397)
Caused by: pub.PRRuntimeException: Access token endpoint invocation failed : Response status : 400 Bad Request
at integration.engine.internal.client.oauth2.OAuth2ClientImpl.getTokenFromEndpoint(OAuth2ClientImpl.java:525)
at integration.engine.internal.client.oauth2.OAuth2ClientImpl.getAccessTokenFromEndpoint(OAuth2ClientImpl.java:496)
at integration.engine.internal.client.oauth2.OAuth2ClientImpl.getAccessToken(OAuth2ClientImpl.java:1102)
Steps to Reproduce
- Configure the OAuth2.0 authentication profile rule on the external system with the Grant Type as Authorization Code
- Provide secret, scope and redirect endpoint to the identifier
Root Cause
The external system required scope. However, Pega did not send it when Grant Type was Authorization Code
Resolution
Apply HFix-52139.
Published April 3, 2019 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.