By: Qin Rodney user 13 Feb 2017 at 9:09 p.m. CST

3 Responses
Qin Rodney gravatar
We use oxd server API to support for OpenID Connect Single Sign-On via Gluu. And follow is our step: Step 1: Register web client and get the "oxd_id". Step 2: Use the "oxd_id" to get the "authorization_url", and then redirect to "authorization_url". Step 3: After redirect to "authorization_url", we input email address and password to authenticate. Step 4: After login successful, it will show the authorization page, and we choose "Not Allow", Step 5: After choose "Not Allow", it will redirect to "authorization_redirect_uri", and we can't get the code. Step 6: We repeat the "step 2", **we want to go to the Gluu login page, and input email address and password to authenticate.** But it will redirect to "authorization_redirect_uri", and ignore the "step 3", "step 4".

By Yuriy Zabrovarnyy staff 15 Feb 2017 at 1:10 a.m. CST

Yuriy Zabrovarnyy gravatar
It would be helpful to see full `oxd-server.log`. It seems you missed `prompt: login` for `get_authorization_url` which is used to force re-login.

By Yuriy Zabrovarnyy staff 16 Feb 2017 at 4:17 a.m. CST

Yuriy Zabrovarnyy gravatar
Prompt is null in request. Please put `prompt: "login"` in command, so `authorization_url` should looks as ``` https://gluu.catapultlearning.com/oxauth/seam/resource/restv1/oxauth/authorize?response_type=code&client_id=@!850F.12EB.67F3.F5DE!0001!3EE2.8AFA!0008!43B2.E3D9&redirect_uri=https://qa.owlforlearning.com/walkthrough/api/opclient/landingpage&scope=openid+email+uma_protection+uma_authorization&state=ge79f3ntul5afd3mnjh54nl698&nonce=skl73jo9sderkh1km4r67aumqb&prompt=login ``` Also you may wish to attach logs as file attachment instead of inline.

By Qin Rodney user 17 Feb 2017 at 2:24 a.m. CST

Qin Rodney gravatar
According to your suggestion, it works well, Thanks very much.