OIDC dynamic client registration PUT request (update client) is not working

By: Esko Heimonen user 12 Mar 2022 at 11:51 a.m. CST

5 Responses
Esko Heimonen gravatar
According to OpenID Connect API Reference, a PUT request (=update client) to OIDC dynamic client registration endpoint should include registration_access_token provided in header Authorization: Bearer <token>, just like GET request (=get client data). But when attempted, this results in an "invalid token" error. Oxauth.log shows on TRACE level that RegisterRestWebServiceImpl asks GrantService to verify the provided registration_access_token. But the latter token is not stored in ou=token, o=gluu (i.e. not among regular access_tokens and authorization_codes). It is instead stored in inum=<clientI_id>, ou=clients, o=gluu. So the verification attempt fails in grant lookup returning null. Due to this problem I have not yet found a way to dynamically update redirect_uris for an existing OIDC client.
Gluu 4.3 Ubuntu 18.04
closed

Answers

By Michael Schwartz Account Admin 12 Mar 2022 at 12:49 p.m. CST

Copy
Michael Schwartz gravatar
Kiran, can you take a look at this. it should work.

By Kiran Mali staff 12 Mar 2022 at 12:55 p.m. CST

Copy
Kiran Mali gravatar
sure mike, I will check!

By Kiran Mali staff 14 Mar 2022 at 6:30 a.m. CDT

Copy
Kiran Mali gravatar
I tried with our latest release 4.3.1 and it is working. Esko, Could you please use/try 4.3.1? Thank you!

By Esko Heimonen user 14 Mar 2022 at 8:26 a.m. CDT

Copy
Esko Heimonen gravatar
Yes, my problem is fixed by this release. The same Postman request now succesfully updates the client. Thank you!

By Kiran Mali staff 14 Mar 2022 at 9:32 a.m. CDT

Copy
Kiran Mali gravatar
Nice, Welcome :)

Post an answer