See [Unlocking admin features](https://gluu.org/docs/casa/4.3/administration/installation/#unlocking-admin-features)

Hi, Andreea. Please follow Michael's suggestion above, and let us know how it goes.

It worked, thank you very much.

Can you point me in the documentation what has to be enabled in order to have the OxTrust Admin GUI in the list of "Manage authorized applications", as it says: "There are no authorized applications currently". Another question is: how can one have another third party App requesting access to the attributes. From what I have read in the documentation of Gluu, I guess that the third party App has to be as Client registered at the Gluu server, but probably there is more to configure than this.

You'll only see the application if the client is configured to persist the user authorization decision. Because oxTrust is "pre-authorized", this is not necessary.

Thank you for the response, it clears some things. At the same time, in the CASA GUI there is still no authorized Apps listed and in the casa.log it says: 07-02 09:04:23.323 INFO [qtp313540687-23] casa.plugins.consent.AuthorizedClientsVM AuthorizedClientsVM.java:43- Authorized Clients ViewModel inited 07-02 09:04:23.325 INFO [qtp313540687-23] casa.plugins.consent.AuthorizedClientsVM AuthorizedClientsVM.java:105- Recomputing client list associated to current user 07-02 09:04:23.332 INFO [qtp313540687-23] plugins.consent.service.ClientAuthorizationsService ClientAuthorizationsService.java:54- Found 0 client authorizations for user a6cfd62c-7005-4f48-99d9-2edae11ee19a The oxTrust Admin GUI has both default Pre-authorization and manually set persistency set in OpenId Connect->Clients Admin GUI. Can you please tell me what could be the problem and give guidance to the solution or further debugging.

On the oxauth log the only interesting logs are: 2022-02-07 09:04:19,944 INFO [qtp1831477404-23] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:278) - Authentication success for Client: 'c57b5216-e2ea-49e4-aa72-49bbb0dce865' 2022-02-07 09:04:20,024 WARN [qtp1831477404-23] [org.gluu.oxauth.model.crypto.AbstractCryptoProvider] (AbstractCryptoProvider.java:190) - WARNING! Expired Key is used, alias: 3ea736e5-847f-4cb2-bcfa-63723ff3ad88_sig_rs256 Expires On: 2022-01-28 13:25:37 Today's Date: 2022-02-07 09:04:20 2022-02-07 09:04:20,096 INFO [qtp1831477404-88] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:278) - Authentication success for Client: 'c57b5216-e2ea-49e4-aa72-49bbb0dce865' 2022-02-07 09:04:20,211 ERROR [qtp1831477404-88] [org.gluu.oxauth.service.ScopeService] (ScopeService.java:271) - Failed to get claim because claim name is not set for attribute, id: inum=6493,ou=attributes,o=gluu 2022-02-07 09:06:57,657 INFO [qtp1831477404-20] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:278) - Authentication success for Client: 'c57b5216-e2ea-49e4-aa72-49bbb0dce865' Maybe this helps tracing the problem.

It turned out that the attribute 6493 was the user Status, which by default does not have a claim name. Probably this can be ignored for this attribute. At the same time, updating the attribute from the Admin GUI did not work, only manually updating in the LDAP database worked. The hint on setting/resetting the parameters Pre-authorization and Persistance for the OpenID Connect clients helped. After disabling the pre-authorization for the CASA Client the menu from the consent gathering script comes up. There are errors on saving the authorization, but I will open a new ticket on that. This ticket can be closed.

Thanks, closing.