Bug ID 636866: OAuth Client/RS secret issue with export/import

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1

Fixed In:

Opened: Jan 05, 2017
Severity: 3-Major


When the access profile with a OAuth Client/RS agent is configured, the OAuth server objects has a client secret and/or resource server secret to be configured. When such an access profile is exported and then imported, the client secret or resource server secret may not be imported properly.


The APM OAuth client or Scope Agent may not run properly and end up in the fallback branch.


In OAuth client/RS use case, when an access profile is configured with OAuth client or Scope Agent.


After importing the access profile, the OAuth server object needs to be modified with the proper client secret or resource server secret.

Fix Information

Now Per-request access policies that include objects with encrypted information such as client or resource server secrets, RADIUS secrets, and the like are imported and exported correctly.

Behavior Change