Support Article
OAuths redirect REST service fails to fetch Auth token
SA-69870
Summary
oAuth2 redirect REST Service fails to fetch the Authentication Token. A code request is sent from the browser, however, the access code request fails2
Error Messages
{ "errors":[ { "ID": "bad_request", "message":"state param missing in the request" } ] }
Steps to Reproduce
- Create an OAuth 2.0 provider.
- Create an Authentication profile that references the OAuth provider.
- In a section of a flow action, add an Information mashup control that references the Authorization profile.
- Click Connect. In a popup, there is a redirection to the Authentication server (AS). After authentication in the server, there is a redirection back to the server with code and state parameters in the URL. However, this fails.
Root Cause
A defect in Pegasystems’ code or rules.
Resolution
Apply HFix-49573.
Note: A JVM bounce is required for the hotfix to take effect.
Published December 28, 2018 - Updated December 2, 2021
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.