Last Modified: Apr 10, 2019
See more info
Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1
Opened: Jan 05, 2017
When the access profile with a OAuth Client/RS agent is configured, the OAuth server objects has a client secret and/or resource server secret to be configured. When such an access profile is exported and then imported, the client secret or resource server secret may not be imported properly.
The APM OAuth client or Scope Agent may not run properly and end up in the fallback branch.
In OAuth client/RS use case, when an access profile is configured with OAuth client or Scope Agent.
After importing the access profile, the OAuth server object needs to be modified with the proper client secret or resource server secret.
Now Per-request access policies that include objects with encrypted information such as client or resource server secrets, RADIUS secrets, and the like are imported and exported correctly.