Hi Geoff, I did say hi to KP on your behalf

OSP and SSPR host value matches in ism-configuraiton file.

Follwed 10.1.1.0 longname.acme.com longname, this format to resolve IP's to DNS.

Enable ALL logging on OSP.

OSP tail -f logs for this issue:

Priority Level: FINER
Java: internal.osp.common.logging.HttpResponseLogger.log () [138] thread=https-jsse-nio-8443-exec-54
Time: 2019-05-16T09:44:00.653-0400
Log Data: HttpServletResponse (Number 4088)
Duration (seconds): 0.17
Content type: text/html;charset=UTF-8
Character encoding: UTF-8
Locale: en
Buffer size: 8192

Preamble: [OSP]
Priority Level: FINER
Java: internal.osp.common.logging.HttpRequestLogger.log( ) [340] thread=https-jsse-nio-8443-exec-48
Time: 2019-05-16T09:49:29.946-0400
Log Data: HttpServletRequest (Number 4089)
Method: GET
Request URL: /osp/a/idm/auth/oauth2/grant
Query String: ?client_id=sspr&response_type=code&state=H4sIAAAAA AAAAAGwAE__UFdNLkdDTTEQvdPQJ6AzF8MK3YuhG_-pHE4YnNKWtAGOB2xTMm5Dqg5gM3gskSvtm9lEcPaRB-AJuceJqO--n0_5v_xmtPM39H-DnRQrxXb3kvMVm8gC6d6V54ImlXemCMdi2_fm6jzcZ2fk-7zY8U_AMG1RCQqcvFmXnSM1v3ymsNAXiCDCUMLcbFgZGDoy2TD o_GbzHdB1UzAeJF7wY8MnsZ36F2febkqF5xz7CgllRNRUsAAAA A%3D%3D&redirect_uri=https%3A//www.inet.jnet.beta.pa.govFsspr/public/oauth
Scheme: https
Context Path: /osp
Servlet Path: /a
Path Info: /idm/auth/oauth2/grant
Server Name: www.inet.jnet.beta.pa.gov
Server Port: 443
Locale: en_US
Host IP Address: 164.156.19.129
Remote Client IP Address: 10.182.69.11
Cookies
(1 of 1): AAAA03ecd25d59=AQAAAAAAAACPk2PJwRrKXwPo5MWVpNb8
Headers
host=www.inet.jnet.beta.pa.gov
user-agent=Mozilla/5.0 (Windows NT 10.0; WOW64; rv:66.0) Gecko/20100101 Firefox/66.0
accept=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language=en-US,en;q=0.5
accept-encoding=gzip, br
referer=https://www.inet.jnet.beta.pa.gov/nidp/idff/sso?sid=0&sid=0
dnt=1
cookie=(see above)
upgrade-insecure-requests=1
via=1.1 www.inet.jnet.beta.pa.gov (Access Gateway-ag-32F7159943D603E7-140622)
x-forwarded-for=172.18.87.134
x-forwarded-host=www.inet.jnet.beta.pa.gov
x-forwarded-server=www.inet.jnet.beta.pa.gov
connection=Keep-Alive
Session
Id: F000652880D3B769D841739A1B9C978B
Last Accessed Time: 2019-05-16T09:49:29.946-0400 (1558014569946)
Parameters
client_id
response_type
state
redirect_uri
Attributes
org.apache.tomcat.util.net.secure_protocol_version
javax.servlet.request.key_size
javax.servlet.request.ssl_session_mgr
javax.servlet.request.cipher_suite
javax.servlet.request.ssl_session_id
OSPRequestContext

Preamble: [OSP]
Priority Level: FINEST
Java: internal.osp.framework.servlet.OSPServlet.process( ) [198] thread=https-jsse-nio-8443-exec-48
Time: 2019-05-16T09:49:29.946-0400
Log Data:
Class: OSPRequestContext
HttpServletResponse exists.
Http request type: GET
Request number: 4089
Tenant: For IDM and IG
Service: For IDM and IG(id=auth)
Path element count: 2
Element: oauth2
Element: grant
Override locale: en_US

Preamble: [OIDP]
Priority Level: FINEST
Java: internal.osp.oidp.service.servlets.handler.Authent icationServiceRequestHandler.resolveHandler() [199] thread=https-jsse-nio-8443-exec-48
Time: 2019-05-16T09:49:29.946-0400
Log Data: IDP oauth2 handler to process request received for grant

Preamble: [OIDP]
Priority Level: FINER
Java: internal.osp.oidp.service.oauth2.handler.Grant.get Command() [204] thread=https-jsse-nio-8443-exec-48
Time: 2019-05-16T09:49:29.947-0400
Elapsed time: 23.262 microseconds
Log Data: Parse OAuth 2.0 response_type or grant_type:
response_type: code
Maps to: Authorization Code Grant profile

Preamble: [OIDP]
Priority Level: FINER
Java: internal.osp.oidp.service.session.NIDPSession.<ini t>() [344] thread=https-jsse-nio-8443-exec-48
Time: 2019-05-16T09:49:29.947-0400
Elapsed time: 48.225 microseconds
Log Data: Creating new session:
Identifier: 6d787ab077e111e9b4650050569f3287-84ede0e9a9e5f1f0ec-CX
Type: PERSISTANT
Tracking identifier: bXh6sXfhEem0ZQBQVp8yhw

Preamble: [OIDP]
Priority Level: FINER
Java: internal.osp.oidp.service.cluster.ClusterCookieCon text.resolveSession() [147] thread=https-jsse-nio-8443-exec-48
Time: 2019-05-16T09:49:29.947-0400
Elapsed time: 265.641 microseconds
Log Data: Session was created for this user request because no cookie accompanied the request: 6d787ab077e111e9b4650050569f3287-84ede0e9a9e5f1f0ec
Session cached:
Class: NIDPSession
Identifier: 6d787ab077e111e9b4650050569f3287-84ede0e9a9e5f1f0ec-CX
Sub-identifier: 0
Auth tracking identifier: bXh6sXfhEem0ZQBQVp8yhw
Type: PERSISTANT
Create time: 2019-05-16T09:49:29.947-0400 (1558014569947), elapsed: 0 (0)
Authenticated time: 1969-12-31T18:59:59.999-0500 (-1), elapsed: 18032d 13h 49m 29.948s (1558014569948)
Last used time: 2019-05-16T09:49:29.947-0400 (1558014569947), elapsed: 0 (0)
Main JSP: main
Set activity: true
Storage cache: <none>
Logout flag: 0
Show logout: false

Preamble: [OIDP]
Priority Level: FINEST
Java: internal.osp.oidp.service.session.NIDPSession.chec kAuthenticated() [2711] thread=https-jsse-nio-8443-exec-48
Time: 2019-05-16T09:49:29.948-0400
Elapsed time: 13.5 microseconds
Log Data: Session authenticated?
Identifier: 6d787ab077e111e9b4650050569f3287-84ede0e9a9e5f1f0ec
Zero consumed authentications.
Authenticated: false

Preamble: [OIDP]
Priority Level: FINER
Java: internal.osp.oidp.service.session.NIDPSession.getS essionData() [811] thread=https-jsse-nio-8443-exec-48
Time: 2019-05-16T09:49:29.948-0400
Elapsed time: 10.456 microseconds
Log Data: Get session data based on request:
Creating new session data; id: 1

Preamble: [OIDP]
Priority Level: SEVERE
Java: internal.osp.oidp.service.oauth2.handler.RequestHa ndler.respondWithPageError() [582] thread=https-jsse-nio-8443-exec-48
Time: 2019-05-16T09:49:29.948-0400
Log Data: Code: internal.osp.oidp.service.oauth2.handler.HandlerEx ception.<init>() [183]
Text: Client-supplied redirect URI is not registered: https://www.inet.jnet.beta.pa.govFsspr/public/oauth

Preamble: [OIDP]
Priority Level: FINEST
Java: internal.osp.oidp.service.oauth2.handler.BrowserHa ndlerBase.handleError() [1113] thread=https-jsse-nio-8443-exec-48
Time: 2019-05-16T09:49:29.948-0400
Elapsed time: 532.46 microseconds
Log Data: Send user to error page: Client-supplied redirect URI is not registered: https://www.inet.jnet.beta.pa.govFsspr/public/oauth

Preamble: [OIDP]
Priority Level: INFO
Java: internal.osp.oidp.service.oauth2.handler.TokenRequ estHandlerBase.auditTokenCreation() [392] thread=https-jsse-nio-8443-exec-48
Time: 2019-05-16T09:49:29.949-0400
Log Data: IssueOAuthCode

Preamble: [OIDP]
Priority Level: FINER
Java: internal.osp.oidp.service.servlets.handler.Authent icationServiceRequestHandler.commit() [569] thread=https-jsse-nio-8443-exec-48
Time: 2019-05-16T09:49:29.949-0400
Elapsed time: 9.468 milliseconds
Log Data: Persisting session: 6d787ab077e111e9b4650050569f3287-84ede0e9a9e5f1f0ec-CX
Session to cookie: true

Preamble: [OIDP]
Priority Level: FINER
Java: internal.osp.framework.UIResponder$Response.setRes ponse() [1424] thread=https-jsse-nio-8443-exec-48
Time: 2019-05-16T09:49:29.959-0400
Elapsed time: 3.871 milliseconds
Log Data: Set response:
Forwarding:
Page: /idm/jsp/err.jsp

Preamble: [OSP]
Priority Level: FINER
Java: internal.osp.common.logging.HttpResponseLogger.log () [138] thread=https-jsse-nio-8443-exec-48
Time: 2019-05-16T09:49:29.963-0400
Log Data: HttpServletResponse (Number 4089)
Duration (seconds): 0.18
Content type: text/html;charset=UTF-8
Character encoding: UTF-8
Locale: en
Buffer size: 8192