My Oracle Support Banner

Authorization Code Is Not Obtained For Federated Users (Doc ID 2319385.1)

Last updated on APRIL 01, 2019

Applies to:

Oracle Mobile and Social - Version 11.1.2.2.0 and later
Information in this document applies to any platform.

Symptoms

Customer has implemented 3-legged OAuth flow. The OOTB consent page was customized by adding a federation URL. When internal users authenticate on this OOTB consent page, authorization code is generated, but if the federation URL is clicked and users authenticate on this federation login page, authorization code is not generated.

Changes

 I see OAM_ID cookie, OAM_JSessionID and ORA_OSFS_Session Cookie (for federation) present in the browser.

On Federation URL, the actual app url which is being used as return URL is OAM protected. The complete Fed URL is IDP initiated fed URL; It redirect the user to IDP for authentication and SAML assertion and then sends the user to return URL upon successful authentication and SAML assertion consumption by OAM.

Also when the user is being redirected to return URL after successful SAML assertion consumption, I see OAMAuthnHintCookie and OAMAuthnCookie_hostname.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.