IDCS Throws Auth-1112 For Tampered Token Instead Of Either Throwing A Valid Error Or Retrying By MFA
(Doc ID 2669138.1)
Last updated on DECEMBER 14, 2021
Applies to:
Identity Cloud Service (IDCS) - Version N/A and later
Information in this document applies to any platform.
Symptoms
IDCS throws Auth-1112 for a tampered token instead of either throwing a valid error or retrying by MFA.
The environment has a custom 3-tier login application built on Node.js that orchestrates the login call to IDCS.
The user is enrolled for MFA and has a trusted device.
The trust token is sent on the authenticate call to:
{{HOST}}/sso/v1/sdk/authenticate
{
  "op": "credSubmit",
  "authFactor": "USERNAME_PASSWORD",
  "credentials": {
    "username": "${username}",
    "password": "${password}"
  },
  "requestState": "b;ckasg.jcsb.j",
  "trustToken": "${trust token here}"
}
Trust tokens are stored in local storage, and there is a possibility that a token can be corrupted.
When the trust token is tampered with, IDCS returns Internal error 500 with auth code AUTH-1112:
Unexpected error encountered while processing the request.
Expected behavior: IDCS should either bypass the token and send the MFA challenge or, if the system is designed to raise an exception, return HTTP 400 with an invalid token error instead of Internal error 500.
The exception needs to be corrected at IDCS.
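One way the custom Node.js middle tier could keep a corrupted trust token from reaching IDCS: seal the token with an HMAC before handing it to the browser for local storage, and leave it out of the credSubmit body when the seal no longer verifies. This is an added example, not Oracle's fix or code from this document; the function names, the sealed-value format and the key handling are assumptions.

```javascript
const crypto = require('crypto');

// Constructed demo key (assumption); a real middle tier would load it from a secret store.
const SEAL_KEY = crypto.randomBytes(32);

// Hypothetical helper: returns "<trustToken>.<hex HMAC-SHA256>" for browser storage.
function sealTrustToken(trustToken, key = SEAL_KEY) {
  const tag = crypto.createHmac('sha256', key).update(trustToken, 'utf8').digest('hex');
  return `${trustToken}.${tag}`;
}

// Hypothetical helper: returns the trust token, or null if the stored value
// is missing, truncated or altered.
function unsealTrustToken(sealed, key = SEAL_KEY) {
  if (typeof sealed !== 'string') return null;
  const cut = sealed.lastIndexOf('.');
  if (cut <= 0) return null;
  const token = sealed.slice(0, cut);
  const given = Buffer.from(sealed.slice(cut + 1), 'hex');
  const expected = crypto.createHmac('sha256', key).update(token, 'utf8').digest();
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  return token;
}

// Builds the credSubmit body shown above; trustToken is included only when it verifies,
// so a corrupted value is never forwarded to /sso/v1/sdk/authenticate.
function buildCredSubmit({ username, password, requestState, sealedTrustToken }) {
  const payload = {
    op: 'credSubmit',
    authFactor: 'USERNAME_PASSWORD',
    credentials: { username, password },
    requestState,
  };
  const trustToken = unsealTrustToken(sealedTrustToken);
  if (trustToken !== null) payload.trustToken = trustToken;
  return payload;
}
```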
Cause