Skip to main content

We have faced a problem with using REST sender with client credential flow and when investigating it was found that the problem is with the token fetching request.

IFS is sending client id and secret in two places, As basic authentication in the header and the url encoded request body.

Seems sending the client secret in the body is faulty.

Is this a bug or is there any workaround to not to include the client secret in the token payload.

Issue was found in IFS Cloud 22R2 but we observed same problem in Apps10 UPD 16 as well

@dsj was this reported to IFS as a bug? Is there any idea if this will be fixed?

 

@dsj was this reported to IFS as a bug? Is there any idea if this will be fixed?

 

 

Hi @kvbe,

 

No, it was not reported. Due to the urgency, we switched to basic authentication and proceed with our integration. 

Hi @dsj, @kvbe,

This is now fixed in IFSAPP10 UPD22 via patch ID 167255. This patch introduces a new property to control whether the client credentials will be sent in the request header or the body or both.

Property - ifs.includeClientCredentials

Expected values - body|header|both

Eg: ifs.includeClientCredentials: header

You can add the property in following 2 ways. 

  1. Add it to the ifs.properties file located in \\<IFS_HOME>\instance\<InstanceID>\conf directory.
  2. Add it to J2EE server properties via the IEE client as described in this documentation.

Hope this helps!

Thanks a lot @Charith Epitawatta for the answer.

 

Has this been fixed in IFS Cloud as well? In which versions?

 

/Damith

Hi @dsj,

I’m afraid this is still not implemented in IFS Cloud and we expect it will be. I will update here when I receive more information on that.

 

Hi @dsj,

I’m afraid this is still not implemented in IFS Cloud and we expect it will be. I will update here when I receive more information on that.

 

Any update on this? For the moment we use different mail accounts (with there neede Microsoft licenses) to do an old fashioned login...

Hi @dsj,

I’m afraid this is still not implemented in IFS Cloud and we expect it will be. I will update here when I receive more information on that.

 

Any update on this? For the moment we use different mail accounts (with there neede Microsoft licenses) to do an old fashioned login...

 

Hi @DNVMIDE 

I tested in 23R1 and it seems to be fixed as @Charith Epitawatta  mentioned.

IYou can add the properties in 
Solution Manager > Integration > IFS Connect > JSF Properties IFS Properties

 

Hope it helps!

Damith

Reply


Terms & ConditionsCookie settings