IBM Support

LI81574: IN V5/V5C GATEWAY, WHEN REFRESH TOKEN IS USED TO GENERATE NEW ACCESS TOKEN THE NEW TOKEN STILL HAS THE OLD REVOCATION URL

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • In v5 and v5c gateway, for the OAuth Providers that have
revocation url enabled (Token Management set to Third Party),
when refresh token request is used to generate a new access
token, the new access token still has the old revocation_url.

Local fix

  • 



Problem summary


    

  • When using OAuth refresh tokens with Revocation URL, and the
revocation URL is changed in the OAuth Provider, newly generated
access_token via Refresh Tokens will not contain the updated
Revocation URL.

    



Problem conclusion


    

  • <span style="background-color:rgb(255, 255, 255)">This apar will
update the Revocation URL according to the one configured in the
OAuth Provider as opposed to getting them from the previous
Access Token when generating one via Refresh Tokens. Available
from:</span>
v5 - v5.0.8.10-ifix
v5c - v10.0.1.1 and v2018.4.1.15

    



Temporary fix


    

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    LI81574
    • 

  • Reported component name
    API CONNECT ENT
    • 

  • Reported component ID
    5725Z2201
    • 

  • Reported release
    18X
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2020-06-19
    • 

  • Closed date
    2020-12-10
    • 

  • Last modified date
    2020-12-10
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    
IT34287
    

    • 



Fix information


    

  • Fixed component name
    API CONNECT ENT
    • 

  • Fixed component ID
    5725Z2201
    • 



Applicable component levels


    

  • R18X  PSY
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSMNED","label":"IBM API Connect"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"18X","Line of Business":{"code":"LOB45","label":"Automation"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            29 September 2021
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback