Failed To Validate USERTOKEN From Mobile And Social In SSO session via OAG (Doc ID 2119384.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Mobile and Social - Version 11.1.2.2.0 and later
Information in this document applies to any platform.

Symptoms

While using an integrated environment of Oracle Identity and Access Management 11.1.2.2 and also SOA protected resources with Oracle API Gateway 11.1.2.3, failed to authenticate any tokens using OAMMS SDK from a mobile application.


A custom Mobile Application using Oracle Access Management Mobile and Social SDK, the authentication provider attempts to autheticate using the /oamauthentication service provider.  With this provider, the application can successfully retrieve the USERTOKEN and ACCESSTOKEN using rest operations.   For  SOA operations side, an Oracle API Gateway is deployed in front of client to protect and authorize the users to access the resources.

When sending any of these mobile tokens as ssosession http header to the OAG API Gateway to access the SOA operations protected by the API,  the OAM response is:
ERROR 18/Dec/2015:06:32:56.702 [450a6940] Error occurred creating UserSession: oracle.security.am.asdk.AccessException: OAMAGENT-02077: Authn token is either null or invalid.
ERROR 18/Dec/2015:06:32:56.703 [450a6940] java exception:
com.vordel.circuit.CircuitAbortException: nested fault: OAMAGENT-02077
....
... 9 more

ERROR 18/Dec/2015:06:32:56.704 [450a6940] The message [Id-18197456e40e0000100000006775855f] logged Failure at 12.18.2015 06:32:56,703 with log description: Failed to authorize to Oracle Access Manager.
ERROR 18/Dec/2015:06:32:56.704 [450a6940] OAM 11gR2 Authorization
ERROR 18/Dec/2015:06:32:56.704 [450a6940] Policy 'testAccess' {
ERROR 18/Dec/2015:06:32:56.704 [450a6940] Filter 'Is SSO Token in HTTP Header' Status: PASSED
ERROR 18/Dec/2015:06:32:56.704 [450a6940] Filter 'Retrieve OAM Session from HTTP header' Status: PASSED
ERROR 18/Dec/2015:06:32:56.704 [450a6940] Filter 'OAM 11gR2 Authorization' Status: FAILED
......

ERROR
-----------------------
OAMAGENT-02077: Authn token is either null or invalid.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms