Last Modified: Jul 24, 2024
Affected Product(s):
BIG-IP APM
Known Affected Versions:
16.1.4.1, 16.1.4.2, 16.1.4.3
Fixed In:
16.1.5
Opened: Oct 21, 2023 Severity: 4-Minor
When Google is configured as an authorization server it does not include an 'active' attribute in response to the token validation endpoint. OAuth Scope fails without any error message.
BIG-IP Administrator will not be able to figure out why OAuth Scope fails by looking at the debug logs.
BIG-IP configured as OAuth Client + Resource Server and Google as Authorisation server.
None
Log an error message describing the absence of an 'active' attribute.