AFX REST Connector fails when content-type configured as application/x-www-form-urlencoded in RSA Governance & Lifecycle version 8.0 P04
Originally Published: 2025-01-10
Article Number
Applies To
- RSA Product Set: RSA Governance & Lifecycle
- RSA Version/Condition: 8.0 P04
Issue
After upgrading to RSA Governance & Lifecycle v8.0 P04, AFX REST Connector fulfillment fails during the OAuth2 access_token retrieval process.
The following error is captured in the connector log:
Message : HTTP POST on resource 'https://####:####/api/access/v1/oauth/token' failed: Remotely closed.
Element : AFX-CONN-####
ConnectorProcessLogin/processors/7/route/1/processors/17/processors/0/route/0/processors/0/route/1/processors/1 @ AFX-CONN-####-Connector:AFX-CONN-####-Connector.xml:642 (Execute login)
Element DSL : <http:request method="#[vars.loginRequestAttributes.method]" doc:name="Execute login" doc:id="####" config-ref="HTTP_Proxy_Request_configuration" path="#[vars.url]">
<http:headers><![CDATA[
#[vars.loginHeader ++ {"Content-Length" : payload.^contentLength}]
]]></http:headers>
</http: request>
Error type : HTTP:CONNECTIVITY
Another version of the error is mentioned below:
Message : HTTP POST on resource 'https://####:####/api/access/v1/oauth/token' failed: unauthorized (401).
Element : AFX-CONN-#####-ConnectorProcessLogin/processors/7/route/1/processors/17/processors/0/route/1/processors/0/route/1/processors/1 @ AFX-CONN-#####-Connector:AFX-CONN-#####-Connector.xml:660 (Execute login)
Element DSL : <http:request method="#[vars.loginRequestAttributes.method]" doc:name="Execute login" doc:id="####" config-ref="HTTP_Request_configuration" path="#[vars.url]">
<http:headers><![CDATA[
#[vars.loginHeader ++ {"Content-Length" : payload.^contentLength}]
]]></http:headers>
</http:request>
Error type : HTTP:UNAUTHORIZED
FlowStack : at AFX-CONN-#####-ConnectorProcessLogin(AFX-CONN-#####-ConnectorProcessLogin/processors/7/route/1/processors/17/processors/0/route/1/processors/0/route/1/processors/1 @ AFX-CONN-#####-Connector:AFX-CONN-#####-Connector.xml:660 (Execute login))
at AFX-CONN-#####-ConnectorProcessVerb(AFX-CONN-#####-ConnectorProcessVerb/processors/1/route/1/processors/4/route/0/processors/1 @ AFX-CONN-#####-Connector:AFX-CONN-#####-Connector.xml:351 (AFX-CONN-#####-ConnectorProcessLogin))
at AFX-CONN-#####-Connector(AFX-CONN-#####-Connector/processors/21 @ AFX-CONN-#####-Connector:AFX-CONN-#####-Connector.xml:163 (AFX-CONN-#####-ConnectorProcessVerb))
Cause
The issue stems from a formatting error where the application incorrectly appends double quotation marks to the start and end of the request body when the application/x-www-form-urlencoded content-type is used.
This malformed body causes the target API to return an "invalid_client" error, effectively blocking the fulfillments.
Resolution
This issue is resolved in the following version/patch:
- RSA Governance & Lifecycle 8.0 P06
Related Articles
'Too many open files' and other Unix errors seen in the log files after deploying P15 on version 6.9.1 of RSA Identity Gov… Number of Views 8.5P4 linux webtier shows online-reinstall required Number of Views GUI shows initialization error "ORA-04063: package body "AVUSER.UTILITIES_PKG" has errors" after patching to 7.5.2 P07 in … Number of Views Hyperlink to RSA SecurID Cloud Authentication Service IdP URL embedded in Word Doc does not work Number of Views ClassNotFoundException: com.aveksa.migration.db.password.ViewPasswordSettingMigrator while installing a patch in RSA Gover… Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
