Symantec Access Management

Expand all | Collapse all

Federation OAuth sendUserInformationRequest failing - sent as query and not header?

  • 1.  Federation OAuth sendUserInformationRequest failing - sent as query and not header?

    Posted 05-17-2018 11:49 AM
    How do we specify that the OAuth sendUserInformationRequest requests be sent using headers instead of a query?
    Both WAOP 12.52 SP1 and CA Access Gateway 12.8 appear to be sending the OAuth sendUserInformationRequest requests to our User Information Service URL with the bearer token in the query instead of in the header. Azure AD is returning a "400 Bad Request" error for both WAOP and Access Gateway.
    Support Authorization Header is set to Yes in our Partnership.
    I replicated using curl:
    curl -v -k -X GET https://login.microsoftonline.com/{tenant}/openid/userinfo?access_token={access_token}
    400 Bad Request
    curl -v -k -H "Authorization: Bearer {access_token}" -X GET https://login.microsoftonline.com/{tenant}/openid/userinfo
    200 OK


  • 2.  Re: Federation OAuth sendUserInformationRequest failing - sent as query and not header?

    Posted 05-18-2018 03:37 PM

    Ken, People can reply here if they to, but just want to thank you for opening a  Support case as well.

    - Rgds. Vijay