AFX REST Connector fails when content-type configured as application/x-www-form-urlencoded in RSA Governance & Lifecycle version 8.0 P04
Originally Published: 2025-01-10
Article Number
Applies To
- RSA Product Set: RSA Governance & Lifecycle
- RSA Version/Condition: 8.0 P04
Issue
After upgrading to RSA Governance & Lifecycle v8.0 P04, AFX REST Connector fulfillment fails during the OAuth2 access_token retrieval process.
The following error is captured in the connector log:
Message : HTTP POST on resource 'https://####:####/api/access/v1/oauth/token' failed: Remotely closed.
Element : AFX-CONN-####
ConnectorProcessLogin/processors/7/route/1/processors/17/processors/0/route/0/processors/0/route/1/processors/1 @ AFX-CONN-####-Connector:AFX-CONN-####-Connector.xml:642 (Execute login)
Element DSL : <http:request method="#[vars.loginRequestAttributes.method]" doc:name="Execute login" doc:id="####" config-ref="HTTP_Proxy_Request_configuration" path="#[vars.url]">
<http:headers><![CDATA[
#[vars.loginHeader ++ {"Content-Length" : payload.^contentLength}]
]]></http:headers>
</http: request>
Error type : HTTP:CONNECTIVITY
Another version of the error is mentioned below:
Message : HTTP POST on resource 'https://####:####/api/access/v1/oauth/token' failed: unauthorized (401).
Element : AFX-CONN-#####-ConnectorProcessLogin/processors/7/route/1/processors/17/processors/0/route/1/processors/0/route/1/processors/1 @ AFX-CONN-#####-Connector:AFX-CONN-#####-Connector.xml:660 (Execute login)
Element DSL : <http:request method="#[vars.loginRequestAttributes.method]" doc:name="Execute login" doc:id="####" config-ref="HTTP_Request_configuration" path="#[vars.url]">
<http:headers><![CDATA[
#[vars.loginHeader ++ {"Content-Length" : payload.^contentLength}]
]]></http:headers>
</http:request>
Error type : HTTP:UNAUTHORIZED
FlowStack : at AFX-CONN-#####-ConnectorProcessLogin(AFX-CONN-#####-ConnectorProcessLogin/processors/7/route/1/processors/17/processors/0/route/1/processors/0/route/1/processors/1 @ AFX-CONN-#####-Connector:AFX-CONN-#####-Connector.xml:660 (Execute login))
at AFX-CONN-#####-ConnectorProcessVerb(AFX-CONN-#####-ConnectorProcessVerb/processors/1/route/1/processors/4/route/0/processors/1 @ AFX-CONN-#####-Connector:AFX-CONN-#####-Connector.xml:351 (AFX-CONN-#####-ConnectorProcessLogin))
at AFX-CONN-#####-Connector(AFX-CONN-#####-Connector/processors/21 @ AFX-CONN-#####-Connector:AFX-CONN-#####-Connector.xml:163 (AFX-CONN-#####-ConnectorProcessVerb))
Cause
The issue stems from a formatting error where the application incorrectly appends double quotation marks to the start and end of the request body when the application/x-www-form-urlencoded content-type is used.
This malformed body causes the target API to return an "invalid_client" error, effectively blocking the fulfillments.
Resolution
This issue is resolved in the following version/patch:
- RSA Governance & Lifecycle 8.0 P06
Related Articles
RSA Identity Governance & Lifecycle 7.2.0 P7 Release Notes Number of Views 'Too many open files' and other Unix errors seen in the log files after deploying P15 on version 6.9.1 of RSA Identity Gov… Number of Views 8.5P4 linux webtier shows online-reinstall required Number of Views Indirect Relationship Processing fails with ORA-30926 and 'ORA-06512: at "AVUSER.CE_USERS" ' errors after Migration to 7.0… Number of Views GUI shows initialization error "ORA-04063: package body "AVUSER.UTILITIES_PKG" has errors" after patching to 7.5.2 P07 in … Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory Mandatory Certificate Upgrade Required by 6th October 2025 for RSA MFA Agent for PAM, RSA MFA Agent for Apache, and Third … RSA Authentication Manager 8.9 Release Notes (January 2026)
Don't see what you're looking for?
