Bug ID 995029: Configuration is not updated during auto-discovery

Last Modified: Apr 01, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1

Opened: Feb 18, 2021
Severity: 2-Critical

Symptoms

Auto-discovery fails, resulting in OAuth failure. In /var/log/apm: -- OAuth Client: failed for server '<server>' using 'authorization_code' grant type (<grant type>), error: None of the configured JWK keys match the received JWT token

Impact

JWT auto-discovery fails and the configuration is not updated.

Conditions

JSON Web Token (JWT) auto-discovery is enabled via JSON Web Keys (JWK).

Workaround

Use the GUI to manually retrieve the JWKs by clicking the 'Discovery' button for OpenID URI in 'Access :: Federation : OAuth Client / Resource Server : Provider :: <name of provider>.

Fix Information

None

Behavior Change