Hi All,

I have an issue with getting OSP to work on a fresh installation of IDM
4.5.3. I have both installed the latest engine patch as well as the
latest Identity Applications patch.

The strange thing is this: if I go to, for instance, the /rra or /IDMRPT
application paths on my application server, I can successfully log in, but
going to either /IDMProv or /landing, and then logging in, gets me the
following error in the trace (catalina.out):
2016-04-21 08:47:40,860 [http-bio-8080-exec-10] ERROR
com.netiq.idm.auth.oauth.OAuthServlet- [RBPM] An error occurred while
attempting to authenticate.
2016-04-21 08:53:05,169 [http-bio-8080-exec-5] WARN
com.netiq.idm.auth.oauth.OAuthManager- [RBPM] Exchanging OAuth code for
token failed. HTTP status code: 400 Detail message from authentication
server: An unexpected error caused the Authorization Code processing to

Looking in the osp-idm.*.log shows me the following error:
Error writing user's OAuth Token Revocation Entries to trust store!

This led me to believe there is something wrong with the SAML setup
between the IDVault and OSP.

I have run both the nmasinst -i as well as the nmasinst -addmethod
scripts on my IDVault server and have let the configupdate recreate the
required objects under the Security container multiple times.

Right now it seems I'm stuck and don't know how to troubleshoot this any
further. If there's anyone able to help me get further ahead, I'd
appreciate it a lot.

Thanks in advance.

esauve's Profile: https://forums.netiq.com/member.php?userid=281
View this thread: https://forums.netiq.com/showthread.php?t=55749