Jeremy, Thanks for your help ! I found what the problem was. I ran a local copy of the UAA on my laptop, pointing to the cloud database and ran your testcases; it all worked as expected ! I was able t

#uaa

Hi Jeremy, Thanks for that testcase. I followed your testcase on our UAA Server except with one change; since we are setup with MFA, I used the uaac token sso to get Marissas token. The UAA app versio

#uaa

Jeremy, I upgraded to the latest UAA version 74.24.0 and I still see the same issue. Is there something I can provide from logs that might help ? Thanks, Viraj

#uaa

Hi Jeremy, Thanks for taklng the time to respond. Really appreciate it. I have double checked this many times. From Postman, I saw the request that is being sent and checked the bearer token to see th

#uaa

I increased the logging for the UAA and found this exception. The error message is "User is not anonymous". Any idea what this could mean? 09-10T17:34:55.74-0400 [APP/PROC/WEB/0] OUT [2020-09-10 21:34

#uaa

Hi All, We are using UAA version 74.14.0 We have a UAA installation for our internal applications in cloudfoundry environment. We have been having a problem in verifying the oauth token (JWT token) us

#uaa

What I have found is that when I set the secret, add a secret or delete the secret later for a UAA client- the lastmodified field of the client does not get updated. Ideally, there should be a timesta

#uaa #cf

Hi All, I am trying to create an automation script which will rotate the client secret every 30 days. I am trying to see if there is an API in UAA which will give me the timestamp of when the last tim

#uaa #cf

Thanks Jonathan. I will take a look at that.

#uaa #cf

Thanks Enrique. We are deploying UAA in cloud.gov for our agency and it will be used by applications deployed in cloud.gov for our agency. I can add a nginx proxy in front but I think I should be able

#uaa #cf

We want to deploy UAA for external users of the organization. This UAA deployment would only be used by external users and so some of the URLs would have to be exposed to the internet. But I want a la

#uaa #cf

Hi Martijn – Thank you for the response an pointers. I missed the fact that the attribute in the uaa.yml should be of the format user.attribute.<attr_name> Everything is working now. Thanks, Viraj

We have our own UAA server running in a cloud.gov environment which we use for all applications that are deployed in cloud.gov. These applications use OAuth 2 to integrate with the UAA server and the

#uaa

Thanks. The SAML assertion generated by ADFS contains "https://<HIDDEN>/saml/SSO/alias/cloudfoundry-saml-login-dev" while the bearer assertion in the metadata file is https://<HIDDEN>/oauth/token/alia

#uaa

Thanks. I digged into this a little deeper. During the SAML verification, confirmed is never TRUE and that’s why it gives the following error 2019-12-10T16:45:24.58-0500 [APP/PROC/WEB/1] OUT Caused by

#uaa

Still having issues. I tried several things and they all seem to fail. 1. Per the documenatation, the URL should go to http://vyscu3.localhost:8080/uaa/oauth/token/alias/vyscu3.cloudfoundry-saml-login

#uaa

Thanks Filip. You are correct and thanks for pointing it out. I will pass Assertion and see what happens. As a side question - I am assuming that the Assertion would have to be unencrypted. right ? Do

#uaa

I am trying to prototype a situation where a user is already authenticated to an On-prem application using ADFS using SAML. Now, this application needs to call a web service deployed on cloud.gov (Clo

#uaa

Thanks Filip. That was very helpful. I updated the uaa.yml with useSSL = true. I had to set trustServerCertificate to true as well otherwise it gives a handshake error. If i want to validate the MySQL

#uaa

We have a separate instance of UAA server interacting with the MySQL database running on cloud.gov. Recently, we have been advised to use a TLS connection to connect to the database. After doing some

#uaa