OIDC dynamic client registration PUT request (update client) is not working
By: Esko Heimonen user 12 Mar 2022 at 11:51 a.m. CST
According to OpenID Connect API Reference, a PUT request (=update client) to OIDC dynamic client registration endpoint should include registration_access_token provided in header Authorization: Bearer <token>, just like GET request (=get client data). But when attempted, this results in an "invalid token" error.
Oxauth.log shows on TRACE level that RegisterRestWebServiceImpl asks GrantService to verify the provided registration_access_token. But the latter token is not stored in ou=token, o=gluu (i.e. not among regular access_tokens and authorization_codes). It is instead stored in inum=<clientI_id>, ou=clients, o=gluu. So the verification attempt fails in grant lookup returning null.
Due to this problem I have not yet found a way to dynamically update redirect_uris for an existing OIDC client.
Answers
By Michael Schwartz Account Admin 12 Mar 2022 at 12:49 p.m. CST
Kiran, can you take a look at this. it should work.
By Kiran Mali staff 12 Mar 2022 at 12:55 p.m. CST
sure mike, I will check!
By Kiran Mali staff 14 Mar 2022 at 6:30 a.m. CDT
I tried with our latest release 4.3.1 and it is working.
Esko, Could you please use/try 4.3.1?
Thank you!
By Esko Heimonen user 14 Mar 2022 at 8:26 a.m. CDT
Yes, my problem is fixed by this release. The same Postman request now succesfully updates the client. Thank you!
By Kiran Mali staff 14 Mar 2022 at 9:32 a.m. CDT
Nice, Welcome :)
Post an answer
Warning
I have detected that you have been inactive for 10 minutes.
I got sleepy so I've taken a nap!
