OIDC registration fails to update

Symptoms

Before you register the OIDC clients by using the IdP V3 API, you need to log in to the third-party identity provider. You can then register the OIDC clients in the application. While registering, you use the cp-console URL as the application URL and https://<cp-console-url>/ibm/api/social-login/redirect/<name of the oidc> as the redirect URL. However, you might face an issue when you open the cp-console in a browser: when you click the configured ID provider name, you might not be redirected to the authentication page of that IdP.

Causes

An issue with configuring the OIDC XML files in a multi-cluster environment.

Troubleshooting the issue

Restart all the replicas of the platform-auth-service pod.

To restart the platform-auth-service pod:

  1. Get the platform-auth-service pod ID.

    oc -n <your-foundational-services-namespace> get pods | grep platform-auth-service
    

    The following is a sample output of the command:

    platform-auth-service-t6sfm         4/4    Running      0    1d
    
  2. Delete the platform-auth-service pod.

    oc -n <your-foundational-services-namespace> delete pod pod-name
    

    Where pod-name specifies the name of the platform-auth-service pod that you want to delete.

  3. After the pod is deleted, you might see a message similar to the following:

    pod "pod-name" deleted
    

    Where pod-name specifies the name of the platform-auth-service pod that has been deleted.

  4. Verify the status of the platform-auth-service pod that has been deleted.

    oc -n <your-foundational-services-namespace> get pods | grep pod-name
    

    Where pod-name specifies the name of the platform-auth-service pod whose deletion you want to verify.

  5. The platform-auth-service pod restarts. The pod gets a new ID after the restart.
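
The steps above handle one pod at a time. The following added example (not part of the original documentation) applies them to every platform-auth-service replica and waits until the replacement pods are running with all containers ready. The function names, the 5-minute polling limit, and passing the namespace as an argument are assumptions.

```shell
#!/usr/bin/env bash
# Added example: restart all platform-auth-service replicas and verify the result.
# Function names are hypothetical; the namespace is supplied by the caller.

# Print platform-auth-service pod names from `oc get pods --no-headers` output on stdin.
auth_pod_names() {
  awk '$1 ~ /^platform-auth-service-/ { print $1 }'
}

# Succeed only if at least one platform-auth-service pod is listed on stdin and
# every one is Running with all containers ready (for example 4/4).
auth_pods_ready() {
  awk '$1 ~ /^platform-auth-service-/ {
         n++
         split($2, r, "/")
         if ($3 != "Running" || r[1] != r[2]) bad++
       }
       END { if (n > 0 && bad == 0) exit 0; exit 1 }'
}

# Steps 1-5 for all replicas: list, delete, confirm old names are gone, wait for new pods.
restart_auth_replicas() {
  ns="$1"
  old=$(oc -n "$ns" get pods --no-headers | auth_pod_names)
  [ -n "$old" ] || { echo "no platform-auth-service pods in $ns" >&2; return 1; }
  for pod in $old; do
    oc -n "$ns" delete pod "$pod"
  done
  # Poll every 10 seconds, up to 30 times (assumed limit of about 5 minutes).
  i=0
  while [ "$i" -lt 30 ]; do
    now=$(oc -n "$ns" get pods --no-headers)
    remaining=0
    for pod in $old; do
      if printf '%s\n' "$now" | auth_pod_names | grep -qx "$pod"; then remaining=1; fi
    done
    if [ "$remaining" -eq 0 ] && printf '%s\n' "$now" | auth_pods_ready; then
      return 0
    fi
    sleep 10
    i=$((i + 1))
  done
  echo "platform-auth-service replicas not ready after restart" >&2
  return 1
}
```

After sourcing the file, run restart_auth_replicas with your foundational services namespace as its only argument; a non-zero return means at least one replica did not come back ready.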