AFX REST Connector fails when content-type configured as application/x-www-form-urlencoded in RSA Governance & Lifecycle version 8.0 P04
Originally Published: 2025-01-10
Article Number
Applies To
- RSA Product Set: RSA Governance & Lifecycle
- RSA Version/Condition: 8.0 P04
Issue
After upgrading to RSA Governance & Lifecycle v8.0 P04, AFX REST Connector fulfillment fails during the OAuth2 access_token retrieval process.
The following error is captured in the connector log:
Message : HTTP POST on resource 'https://####:####/api/access/v1/oauth/token' failed: Remotely closed.
Element : AFX-CONN-####
ConnectorProcessLogin/processors/7/route/1/processors/17/processors/0/route/0/processors/0/route/1/processors/1 @ AFX-CONN-####-Connector:AFX-CONN-####-Connector.xml:642 (Execute login)
Element DSL : <http:request method="#[vars.loginRequestAttributes.method]" doc:name="Execute login" doc:id="####" config-ref="HTTP_Proxy_Request_configuration" path="#[vars.url]">
<http:headers><![CDATA[
#[vars.loginHeader ++ {"Content-Length" : payload.^contentLength}]
]]></http:headers>
</http: request>
Error type : HTTP:CONNECTIVITY
Another version of the error is mentioned below:
Message : HTTP POST on resource 'https://####:####/api/access/v1/oauth/token' failed: unauthorized (401).
Element : AFX-CONN-#####-ConnectorProcessLogin/processors/7/route/1/processors/17/processors/0/route/1/processors/0/route/1/processors/1 @ AFX-CONN-#####-Connector:AFX-CONN-#####-Connector.xml:660 (Execute login)
Element DSL : <http:request method="#[vars.loginRequestAttributes.method]" doc:name="Execute login" doc:id="####" config-ref="HTTP_Request_configuration" path="#[vars.url]">
<http:headers><![CDATA[
#[vars.loginHeader ++ {"Content-Length" : payload.^contentLength}]
]]></http:headers>
</http:request>
Error type : HTTP:UNAUTHORIZED
FlowStack : at AFX-CONN-#####-ConnectorProcessLogin(AFX-CONN-#####-ConnectorProcessLogin/processors/7/route/1/processors/17/processors/0/route/1/processors/0/route/1/processors/1 @ AFX-CONN-#####-Connector:AFX-CONN-#####-Connector.xml:660 (Execute login))
at AFX-CONN-#####-ConnectorProcessVerb(AFX-CONN-#####-ConnectorProcessVerb/processors/1/route/1/processors/4/route/0/processors/1 @ AFX-CONN-#####-Connector:AFX-CONN-#####-Connector.xml:351 (AFX-CONN-#####-ConnectorProcessLogin))
at AFX-CONN-#####-Connector(AFX-CONN-#####-Connector/processors/21 @ AFX-CONN-#####-Connector:AFX-CONN-#####-Connector.xml:163 (AFX-CONN-#####-ConnectorProcessVerb))
Cause
The issue stems from a formatting error where the application incorrectly appends double quotation marks to the start and end of the request body when the application/x-www-form-urlencoded content-type is used.
This malformed body causes the target API to return an "invalid_client" error, effectively blocking the fulfillments.
Resolution
This issue is resolved in the following version/patch:
- RSA Governance & Lifecycle 8.0 P06
Related Articles
Salesforce Collector is throwing 'Invalid Credentials' error after patching to RSA Governance & Lifecycle 8.0.0 P06 Number of Views Hyperlink to RSA SecurID Cloud Authentication Service IdP URL embedded in Word Doc does not work Number of Views RSA Identity Management and Governance 6.9.1 P07 shows approval change items are being duplicated Number of Views 'Too many open files' and other Unix errors seen in the log files after deploying P15 on version 6.9.1 of RSA Identity Gov… Number of Views How does FSM handle a user who is a member of two groups? Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide The Template ({Connector Template Name}) has missing file content error when creating AFX Connectors in RSA Identity Gover… Troubleshooting RSA MFA Agent for Microsoft Windows RSA Release Notes for RSA Authentication Manager 8.8
Don't see what you're looking for?
