IBM Support

IJ45106: OAUTH ACCESS TOKEN GET GENERATED TO BIG FOR FIELD. ORA-12899: VALUE TOO LARGE FOR COLUMN "MAXIMO"."INBOUNDCOMMCFG"."OAUTHACCESST

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • When setting up Email Listener using OAUTH, the access token may
be generated larger than the CRYPTO field limit and it causes a
database error.
For SQLServer and DB2, you can extend the Length via
DBConfigure, but not for Oracle.
We provided a script
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE script SYSTEM "script.dtd">
<script author="TS008034659" scriptname="TS008034659">
 <description>After applying this the access token will no
longer be persistent.</description>
 <statements>
	<drop_attributes object="INBOUNDCOMMCFG">

 <attrname name="OAUTHACCESSTOKEN" />

 <attrname name="OAUTHACCESSTOKENDEXPDATE" />
   </drop_attributes>
   <add_attributes object="INBOUNDCOMMCFG">
		<attrdef attribute="OAUTHACCESSTOKEN" maxtype="CRYPTO"
length="3072"  title="Access Token" remarks="The OAuth access
token is used to authenticate with the email server. It has a
limited lifespan." scale="0" persistent="false"
localizable="false"/>
		<attrdef attribute="OAUTHACCESSTOKENDEXPDATE"
maxtype="DATETIME" length="10"  title="Access Token Expiration
Date" remarks="The OAuth access token expiration is the expiry
time and date as indicated by the OAuth server." scale="0"
persistent="false" localizable="false"/>
   </add_attributes>
 </statements>
</script>

As more clients start using OAUTH, the case count has increased
for the issue.

STEPS TO REPRODUCE:
Follow all Steps from Email Listener OAuth Configuration with
Office 365
https://www.ibm.com/support/pages/email-listener-oauth-configur
ation-office-365

RESULT:
If token is generated larger than 2000 characters the email
listener cron fails with

[ERROR] [MAXIMO_CRON] [CID-CRON-XXXX] ORA-12899: value too
large for column "MAXIMO"."INBOUNDCOMMCFG"."OAUTHACCESSTOKEN"
(actual: 2120, maximum: 2000)

EXPECTED RESULT:
Generated token works without db error

PRODUCT VERSION:
Tivoli's process automation engine 7.6.1.2-IFIX20220216-1819
Build 20200715-0100 DB Build V7612-284 HFDB Build HF7612-76

Local fix

  • For Oracle:
Run DBC script to update INBOUNDCOMM
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE script SYSTEM "script.dtd">
<script author="TS008034659" scriptname="TS008034659">
 <description>After applying this the access token will no
longer be persistent.</description>
 <statements>
	<drop_attributes object="INBOUNDCOMMCFG">

 <attrname name="OAUTHACCESSTOKEN" />

 <attrname name="OAUTHACCESSTOKENDEXPDATE" />
   </drop_attributes>
   <add_attributes object="INBOUNDCOMMCFG">
		<attrdef attribute="OAUTHACCESSTOKEN" maxtype="CRYPTO"
length="3072"  title="Access Token" remarks="The OAuth access
token is used to authenticate with the email server. It has a
limited lifespan." scale="0" persistent="false"
localizable="false"/>
		<attrdef attribute="OAUTHACCESSTOKENDEXPDATE"
maxtype="DATETIME" length="10"  title="Access Token Expiration
Date" remarks="The OAuth access token expiration is the expiry
time and date as indicated by the OAuth server." scale="0"
persistent="false" localizable="false"/>
   </add_attributes>
 </statements>
</script>

For DB2 and SQLServer:
Increase the refresh token attribute in the database
configuration.

Problem summary

  • ****************************************************************
* USERS AFFECTED:                                              *
* MAXIMO                                                       *
****************************************************************
* PROBLEM DESCRIPTION:                                         *
* Customers' email listener access tokens may be too large for *
* the inboundcommcfg.oauthaccesstoken field.                   *
****************************************************************

Problem conclusion

  • The fix for this APAR will be contained in a future release.

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    IJ45106
    • 

  • Reported component name
    MAXIMO ASST MGM
    • 

  • Reported component ID
    5724R46AM
    • 

  • Reported release
    761
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2023-01-26
    • 

  • Closed date
    2023-11-20
    • 

  • Last modified date
    2023-11-20
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    MAXIMO ASST MGM
    • 

  • Fixed component ID
    5724R46AM
    • 



Applicable component levels


    








      
              
                            

              

              [{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSLKT6","label":"Maximo Asset Management"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"761","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            21 November 2023
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback