Bug ID 926201: Windows and macOS Edge Client may not pass access policy when OAuth scope agent is in between other agents.

Last Modified: Nov 22, 2021

Bug Tracker

Affected Product:  See more info
APM-Clients TMOS(all modules)

Opened: Jul 10, 2020
Severity: 4-Minor

Symptoms

Deny ending page is posted in Edge Client after having completed OAuth logon successfully in the browser.

Impact

Cannot connect to VPN.

Conditions

-- Access policy has OAuth scope agent that is in between other agents -- Issue is mostly seen when OAuth scope agent is between client-side checks that render UI.

Workaround

Placing OAuth scope agent on either side of the other agents solves the problem. In the access policy, place the OAuth scope agent either at the beginning or after all the other agents (right before network access resource is assigned).

Fix Information

None

Behavior Change