SecureAuth Idp Version affected: All
Description:
A 401 Unauthorized error is received when attempting to access the OAuth2/OIDC (OpenID Connect) URI (e.g.https://SecureAuthIdP/SecureAuth#/.well-known/openid-configuration) onrealms using WinSSO (Windows SSO)
Cause:
The OAuth2/OIDC endpoints should be accessible using anonymous authentication but having Windows authentication enabled for the realm prevents this.
Resolution:
The .well-known location needs to be enabled for anonymous authentication as follows:
1. Create a folder called ".well-known" in the affected realm, e.g.:
D:\Secureauth\SecureAuth#\.well-known
Windows Explorer will not let you create a folder starting with a period character so please use either the command line or PowerShell to create the folder as follows;
Using Powershell:
Set-Location D:\Secureauth\SecureAuth#
New-Item .well-known -ItemType Directory
Or using CMD:
CD D:\Secureauth\SecureAuth#
MD .well-known
2. Now Copy the attached 'web.config' into the '.well-known' folder.
Please see this article for help with accessing the other OAuth/OIDC endpoints in a WinSSO realm
SecureAuth Knowledge BaseArticles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.
Comments
Please sign in to leave a comment.