After upgrading to IBM Cloud Pak for Multicloud Management Fix Pack 2 users cannot access Infrastructure management

Symptom

After upgrading to IBM Cloud Pak for Multicloud Management Fix Pack 2, an OIDC provider error is seen when accessing Infrastructure management.

The error states:

   OpenID Connect Provider error: Error in handling response type.

Cause

An OIDC configuration problem was fixed in IBM Cloud Pak for Multicloud Management Fix Pack 2. During an upgrade, the configuration will not be changed as this is customer data and the upgrade does not modify customer data.

Resolving the problem

Complete the following steps to resolve the issue.

1. Log in to your OpenShift cluster:

   oc login
   

2. Change to the Infrastructure management project:

   oc project management-infrastructure-management
   

3. Save the secret encoded string to a file and use the base64 command to decode the data and direct the output to another text file.

   oc get secret -o jsonpath='{.data.oidc\.conf}' ibm-infra-management-application-connection | base64 -d | sed -e 's#oidc/endpoint/OP/jwk#idprovider/v1/auth/jwk#g'> oidc_new.conf
   

   cat oidc_new.conf | base64 | tr -d '\n'
   

4. Replace the value above in the secret ibm-infra-management-application-connection in the oidc.conf

   oc edit secret ibm-infra-management-application-connection
   

   • Replace oidc.conf with the new value in step 3.
   • Save the secret.
5. Restart the httpd pod in the management-infrastructure-management namespace to pick up the changes by deleting the . For example,

   oc delete pod `oc get pod | grep httpd | cut -f1 -d" "`