AFX REST Connector fails when content-type configured as application/x-www-form-urlencoded in RSA Governance & Lifecycle version 8.0 P04
Originally Published: 2025-01-10
Article Number
Applies To
- RSA Product Set: RSA Governance & Lifecycle
- RSA Version/Condition: 8.0 P04
Issue
After upgrading to RSA Governance & Lifecycle v8.0 P04, AFX REST Connector fulfillment fails during the OAuth2 access_token retrieval process.
The following error is captured in the connector log:
Message : HTTP POST on resource 'https://####:####/api/access/v1/oauth/token' failed: Remotely closed.
Element : AFX-CONN-####
ConnectorProcessLogin/processors/7/route/1/processors/17/processors/0/route/0/processors/0/route/1/processors/1 @ AFX-CONN-####-Connector:AFX-CONN-####-Connector.xml:642 (Execute login)
Element DSL : <http:request method="#[vars.loginRequestAttributes.method]" doc:name="Execute login" doc:id="####" config-ref="HTTP_Proxy_Request_configuration" path="#[vars.url]">
<http:headers><![CDATA[
#[vars.loginHeader ++ {"Content-Length" : payload.^contentLength}]
]]></http:headers>
</http: request>
Error type : HTTP:CONNECTIVITY
Another version of the error is mentioned below:
Message : HTTP POST on resource 'https://####:####/api/access/v1/oauth/token' failed: unauthorized (401).
Element : AFX-CONN-#####-ConnectorProcessLogin/processors/7/route/1/processors/17/processors/0/route/1/processors/0/route/1/processors/1 @ AFX-CONN-#####-Connector:AFX-CONN-#####-Connector.xml:660 (Execute login)
Element DSL : <http:request method="#[vars.loginRequestAttributes.method]" doc:name="Execute login" doc:id="####" config-ref="HTTP_Request_configuration" path="#[vars.url]">
<http:headers><![CDATA[
#[vars.loginHeader ++ {"Content-Length" : payload.^contentLength}]
]]></http:headers>
</http:request>
Error type : HTTP:UNAUTHORIZED
FlowStack : at AFX-CONN-#####-ConnectorProcessLogin(AFX-CONN-#####-ConnectorProcessLogin/processors/7/route/1/processors/17/processors/0/route/1/processors/0/route/1/processors/1 @ AFX-CONN-#####-Connector:AFX-CONN-#####-Connector.xml:660 (Execute login))
at AFX-CONN-#####-ConnectorProcessVerb(AFX-CONN-#####-ConnectorProcessVerb/processors/1/route/1/processors/4/route/0/processors/1 @ AFX-CONN-#####-Connector:AFX-CONN-#####-Connector.xml:351 (AFX-CONN-#####-ConnectorProcessLogin))
at AFX-CONN-#####-Connector(AFX-CONN-#####-Connector/processors/21 @ AFX-CONN-#####-Connector:AFX-CONN-#####-Connector.xml:163 (AFX-CONN-#####-ConnectorProcessVerb))
Cause
The issue stems from a formatting error where the application incorrectly appends double quotation marks to the start and end of the request body when the application/x-www-form-urlencoded content-type is used.
This malformed body causes the target API to return an "invalid_client" error, effectively blocking the fulfillments.
Resolution
This issue is resolved in the following version/patch:
- RSA Governance & Lifecycle 8.0 P06
Related Articles
Salesforce Collector is throwing 'Invalid Credentials' error after patching to RSA Governance & Lifecycle 8.0.0 P06 Number of Views 'Too many open files' and other Unix errors seen in the log files after deploying P15 on version 6.9.1 of RSA Identity Gov… Number of Views RSA Governance & Lifecycle Recipes: Dashboard - Deployment Overview - Part 1 Number of Views RSA Governance & Lifecycle Recipes: Dashboard - Deployment Overview - Part 2 Number of Views Generic REST Collector does not replace Query Parameters passed as part of the POST Request Body in RSA Identity Governanc… Number of Views
Trending Articles
Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Governance & Lifecycle 8.0.0 Administrators Guide RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
