Forum Stats

  • 3,853,207 Users
  • 2,264,192 Discussions
  • 7,905,286 Comments

Discussions

Couldn't get the authorization code using OAuth 2 with Oracle Access Manager OAuth Services

3258810
3258810 Member Posts: 1
edited Aug 19, 2019 4:04PM in API Management

Hi ,

I have interested to do a oauth2 authenticator. For that I'm following the link [1] and successfully installed oracle identity and access management in my windows 8.1 machine and start the oam server with port 14100 and oim server with 14000. The weblogic server runs with the port 7001 .

Then I'm following [2] and create the custom resource server and oauth clients , then by following [3] I have tried the endpoint like below to get the authorization code.

http://kana:14100/ms_oauth/oauth2/endpoints/oauthservice/authorize?response_type=code&client_id=customerClient&redirect_uri=https://www.google.com&scope=Customer.Info UserProfile.me&state=xyz

But I got the following 401 error.

"10.4.2 401 Unauthorized

The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained in section 11."

[1] http://docs.oracle.com/cd/E40329_01/install.1112/e49521/install.htm#INOAM75795

[2] http://www.ateam-oracle.com/implementing-oauth-2-with-oracle-access-manager-oauth-services-part-i/

[3] http://www.ateam-oracle.com/implementing-oauth-2-with-oracle-access-manager-oauth-services-part-iii/

Could anyone guide me on above error ?

Where I made mistake ?

Note that , I'm using "https://www.google.com" as redirect_uri  , But in doc "https://oxygen.mycompany.com:7502/ClientWebApp/CustomerClient" is used as redirect_uri.

Is this the reason for that error?

Can't we make a direct call with that endpoint by using any rest client?

I'm stuck with this error for last four days . Please guide me on this?

Thanks

Tagged:

Answers

  • 1f5d683f-0a0d-444c-9d78-ce1833423fc1
    edited Jul 3, 2016 3:10PM

    Hi all,

    Is there any solutions for the issue?

  • user12001757
    user12001757 Member Posts: 1 Blue Ribbon
    edited Jun 5, 2019 2:17PM

    It seems to me that the error indicates the OAM authentication didn't occur, the OAM login authentication should appear and it's not coming, in this case:

    - Double check the WebGate setup, having all resources protected and unprotected as in Par I

    - In oamconsole > Mobile Security > Mobile Oath Services > Default Domain > Summary > Check “Allow Multiple Resource Servers”.  This appears in a screen-shot but it's not clearly documented.

    - Once you have previous settting you should be able to fill the "Scope Namespace Prefix" which can cause the issue you are having

  • ronaldolf
    ronaldolf Member Posts: 4
    edited Aug 19, 2019 4:04PM

    Hi,

    You can check this article and see if you are missing any configuration.

    Cheers.