on 2019 Jul 09 10:05 AM
Hi All,
I'm trying to get the access token from the C4C tenant using oauth saml2 assertion method. I have configured the Identity provider and also done OAuth2.0 Client Registration in the C4C. But when i try to run the code, i'm getting the below mentioned error.
{ "error":"invalid_grant","error_description":"The provided authorization grant is invalid. Exception was: Entity HTTPS://my338727-sso.crm.ondemand.com is not defined in the element 'AudienceRestriction'. For more information consult the kernel traces or the OAuth 2.0 trouble shooting SAP note 1688545." }
Could you please help me to solve this issue.
Regards,
Sharath
I am getting the same error and have the same scenario as yours. Do we know the solution for this. In my case, Identifier (Entity ID) in Azure is matching with the local provider name.
{ "error": "invalid_grant", "error_description": "Provided authorization grant is invalid. Exception was Entity https://xyzomain.com:8001/sap/bc/sec/o is not defined in the element 'AudienceRestriction'. For more information, consult the kernel traces or the OAuth 2.0 trouble shooting SAP note 1688545"
}
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello I am facing the same issue. I am using Azure as IdP, and SAP Netweaver Gateway is the Service Provider.
I made sure the Service Provider name is same as the scope field. And I don't know where else to look or configured. I am following this blog
{ "error": "invalid_grant", "error_description": "Provided authorization grant is invalid. Exception was Entity https://xx.com:44300/sap/bc/sec is not defined in the element 'AudienceRestriction'. For more information, consult the kernel traces or the OAuth 2.0 trouble shooting SAP note 1688545"*xx - is a reference to domain name.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Have you checked the results of the trace in report SEC_TRACE_ANALYZER that is mentioned in Note 1688545.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Are you using IdP from SAP Cloud Platform to invoke SSO ?
- Suchita
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
11 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.