Skip to main content
Solved

Token request problem in Client Credentials flow


dsj
Ultimate Hero (Partner)
Forum|alt.badge.img+22
  • Ultimate Hero (Partner)
  • 855 replies

We have faced a problem with using REST sender with client credential flow and when investigating it was found that the problem is with the token fetching request.

IFS is sending client id and secret in two places, As basic authentication in the header and the url encoded request body.

Seems sending the client secret in the body is faulty.

Is this a bug or is there any workaround to not to include the client secret in the token payload.

Issue was found in IFS Cloud 22R2 but we observed same problem in Apps10 UPD 16 as well

Best answer by Charith Epitawatta

Hi @dsj, @kvbe,

This is now fixed in IFSAPP10 UPD22 via patch ID 167255. This patch introduces a new property to control whether the client credentials will be sent in the request header or the body or both.

Property - ifs.includeClientCredentials

Expected values - body|header|both

Eg: ifs.includeClientCredentials: header

You can add the property in following 2 ways. 

  1. Add it to the ifs.properties file located in \\<IFS_HOME>\instance\<InstanceID>\conf directory.
  2. Add it to J2EE server properties via the IEE client as described in this documentation.

Hope this helps!

View original
Did this topic help you find an answer to your question?

7 replies

Forum|alt.badge.img+10
  • Hero (Partner)
  • 187 replies
  • June 29, 2023

@dsj was this reported to IFS as a bug? Is there any idea if this will be fixed?

 

dsj
Ultimate Hero (Partner)
Forum|alt.badge.img+22
  • Author
  • Ultimate Hero (Partner)
  • 855 replies
  • June 29, 2023
kvbe wrote:

@dsj was this reported to IFS as a bug? Is there any idea if this will be fixed?

 

 

Hi @kvbe,

 

No, it was not reported. Due to the urgency, we switched to basic authentication and proceed with our integration. 


Charith Epitawatta
Ultimate Hero (Employee)
Forum|alt.badge.img+31

Hi @dsj, @kvbe,

This is now fixed in IFSAPP10 UPD22 via patch ID 167255. This patch introduces a new property to control whether the client credentials will be sent in the request header or the body or both.

Property - ifs.includeClientCredentials

Expected values - body|header|both

Eg: ifs.includeClientCredentials: header

You can add the property in following 2 ways. 

  1. Add it to the ifs.properties file located in \\<IFS_HOME>\instance\<InstanceID>\conf directory.
  2. Add it to J2EE server properties via the IEE client as described in this documentation.

Hope this helps!


dsj
Ultimate Hero (Partner)
Forum|alt.badge.img+22
  • Author
  • Ultimate Hero (Partner)
  • 855 replies
  • October 20, 2023

Thanks a lot @Charith Epitawatta for the answer.

 

Has this been fixed in IFS Cloud as well? In which versions?

 

/Damith


Charith Epitawatta
Ultimate Hero (Employee)
Forum|alt.badge.img+31

Hi @dsj,

I’m afraid this is still not implemented in IFS Cloud and we expect it will be. I will update here when I receive more information on that.

 


Forum|alt.badge.img+1
  • Do Gooder (Customer)
  • 1 reply
  • March 11, 2024
Charith Epitawatta wrote:

Hi @dsj,

I’m afraid this is still not implemented in IFS Cloud and we expect it will be. I will update here when I receive more information on that.

 

Any update on this? For the moment we use different mail accounts (with there neede Microsoft licenses) to do an old fashioned login...


dsj
Ultimate Hero (Partner)
Forum|alt.badge.img+22
  • Author
  • Ultimate Hero (Partner)
  • 855 replies
  • May 27, 2024
DNVMIDE wrote:
Charith Epitawatta wrote:

Hi @dsj,

I’m afraid this is still not implemented in IFS Cloud and we expect it will be. I will update here when I receive more information on that.

 

Any update on this? For the moment we use different mail accounts (with there neede Microsoft licenses) to do an old fashioned login...

 

Hi @DNVMIDE 

I tested in 23R1 and it seems to be fixed as @Charith Epitawatta  mentioned.

IYou can add the properties in 
Solution Manager > Integration > IFS Connect > JSF Properties IFS Properties

 

Hope it helps!

Damith


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings