Symantec Access Management


Tech Tip : CA Single Sign-On : Oauth2 Implicit flow - token code missing 


    Broadcom Employee
    Posted Jun 14, 2018 05:33 AM



    We are using the latest version of SiteMinder 12.8 with the new implicit OAuth2 flow.

    It seems SiteMinder does not correctly implement the Implicit flow. As you can see, response_type=token generates an error:

    "response type is missing or invalid".

    Trying with other codes, the results are:
    response_type=code --> OK
    response_type=token --> ERROR
    response_type=id_token --> OK
    response_type=id_token%20token --> OK

    So we are guessing that the OpenID Connect Implicit flow works well, but the standard OAuth2 implicit flow does not work.

    Can you help us?




    At first glance, it looks like the Implicit Grant Flow is implemented
    only in the OpenID Connect Provider, which is a new feature from 12.8.

    OIDC Implicit Flow

    Besides Authorization Code Flow, CA Single Sign-On can now
    authenticate users using OIDC Implicit Flow for supporting clients
    that are browser-based, use a scripting language, and are Single-Page
    Applications (SPA). Authorization Endpoint issues Access Token and ID
    Token to a Client directly. CA Single Sign-On Implicit Flow is
    certified with OpenID Conformance Implicit Profile.

    New Features

    For more information, see Authentication Using Implicit Flow

    Authentication Using Implicit Flow

    CA Single Sign-On as OpenID Connect Provider

    You'll notice as well that the Implicit Grant Flow isn't recommended for use.

    OAuth 2.0 Implicit Grant

    What is the OAuth 2.0 Implicit Grant Type?

    You should also note that CA API Gateway has this feature implemented for OAuth 2.0:

    OAuth 2.0 Tutorial 3: The Implicit Grant Type

    In order to get this Flow type implemented outside OIDC (OpenID Connect), we invite you
    to open an Idea on the Security page :

    1. Go to the CA Security Overview Page :
    2. Click on the "Actions" drop-down menu and select "Create an
    3. Give your idea a title and detailed description to encourage
    4. Publish and vote on your idea!


    KB : KB000100776
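
The OIDC Implicit Flow exchange described above, as an added example that is not part of the original post or the product's own code: a browser-side client builds a request with `response_type=id_token token` (one of the values the post reports as accepted) and validates the fragment response. The endpoint URL, client ID, redirect URI and function names are assumptions; `state` and `nonce` are expected to be fresh random values generated by the caller.

```javascript
// Added example: endpoint, client and redirect values are constructed placeholders.
const AUTHZ_ENDPOINT = "https://sso.example.com/authorize"; // hypothetical URL

// Build an OIDC Implicit Flow request. "id_token token" is one of the
// response_type values the post reports as accepted; a bare "token" is rejected.
function buildImplicitRequest({ clientId, redirectUri, scope, state, nonce }) {
  if (!state || !nonce) throw new Error("state and nonce are required");
  if (!scope.split(" ").includes("openid")) throw new Error("scope must include openid");
  const url = new URL(AUTHZ_ENDPOINT);
  url.search = new URLSearchParams({
    response_type: "id_token token", // the space is form-encoded on the wire
    client_id: clientId, redirect_uri: redirectUri, scope, state, nonce,
  }).toString();
  return url.toString();
}

// Decode the (still unverified) JWT payload: base64url -> JSON.
function decodeJwtPayload(jwt) {
  const parts = jwt.split(".");
  if (parts.length !== 3) throw new Error("id_token is not a compact JWT");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(atob(b64.padEnd(Math.ceil(b64.length / 4) * 4, "=")));
}

// Validate the redirect sent back by the Authorization Endpoint. In the
// implicit flow the tokens arrive in the URL fragment, not the query string.
function parseImplicitResponse(redirectedUrl, expected) {
  const url = new URL(redirectedUrl);
  const p = new URLSearchParams(url.hash.slice(1));
  if (p.has("error")) throw new Error(`authorization error: ${p.get("error")}`);
  if (p.get("state") !== expected.state) throw new Error("state mismatch");
  const idToken = p.get("id_token"), accessToken = p.get("access_token");
  if (!idToken || !accessToken) throw new Error("id_token or access_token missing");
  const claims = decodeJwtPayload(idToken);
  if (claims.nonce !== expected.nonce) throw new Error("nonce mismatch");
  // Still required before trusting the claims: verify the ID Token signature,
  // iss, aud, exp and at_hash against the provider's published keys.
  return { accessToken, claims };
}
```

The `state` check ties the response to the request this client sent, and the `nonce` check ties the ID Token to it; neither replaces signature verification.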