OIDC registration fails to update
Symptoms
Before you register the OIDC clients by using the IdP V3 API, you need to log in to the third-party ID provider. You can then register the OIDC clients in the application. While registering, you use the cp-console URL as the application URL and https://<cp-console-url>/ibm/api/social-login/redirect/<name of the oidc> as the redirect URL. However, you might face an issue when you open the cp-console in a browser: when you click the configured ID provider name, you might not be redirected to the authentication page of that IdP.
Causes
An issue with configuring the OIDC XML files in a multi-cluster environment.
Troubleshooting the issue
Restart all the replicas of the auth-idp pod.
To restart the auth-idp pod:
- Get the auth-idp pod ID.
  oc -n <your-foundational-services-namespace> get pods | grep auth-idp
  Following is a sample output of the command:
  auth-idp-t6sfm 4/4 Running 0 1d
- Delete the auth-idp pod.
  oc -n <your-foundational-services-namespace> delete pod pod-name
  Where, pod-name specifies the name of the auth-idp pod that you want to delete.
- Once the pod is deleted, you might see a similar message:
  pod "pod-name" deleted
  Where, pod-name specifies the name of the auth-idp pod that has been deleted.
- Verify the status of the auth-idp pod that has been deleted.
  oc -n <your-foundational-services-namespace> get pods | grep pod-name
  Where, pod-name specifies the name of the auth-idp pod whose deletion you want to verify.
- The auth-idp pod will restart. The pod gets a new ID after the restart.
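The steps above applied to every auth-idp replica in one pass, as an added example that is not part of the original page or the product's own tooling. The function names, the --apply argument and the 10-minute polling limit are assumptions of this sketch; it uses only the oc commands shown in the steps, plus --no-headers.

```sh
#!/bin/sh
# Added example: restart all auth-idp replicas and confirm the replacements.
# Input to the two filters is `oc get pods --no-headers` output:
#   NAME READY STATUS RESTARTS AGE

# Print the names of auth-idp pods found on stdin.
auth_idp_pods() {
    awk '$1 ~ /^auth-idp-/ { print $1 }'
}

# Print auth-idp pods that are not Running with all containers ready.
not_ready_pods() {
    awk '$1 ~ /^auth-idp-/ { split($2, r, "/")
         if (r[1] != r[2] || $3 != "Running") print $1 }'
}

# Delete every auth-idp pod in namespace $1, then poll until new pods
# (with new IDs) are ready and none of the old names is still listed.
restart_auth_idp() {
    ns="$1"
    old=$(oc -n "$ns" get pods --no-headers | auth_idp_pods)
    [ -n "$old" ] || { echo "no auth-idp pods found in $ns" >&2; return 1; }
    for pod in $old; do
        oc -n "$ns" delete pod "$pod"
    done
    tries=0
    while [ "$tries" -lt 60 ]; do
        now=$(oc -n "$ns" get pods --no-headers)
        new=$(printf '%s\n' "$now" | auth_idp_pods)
        pending=$(printf '%s\n' "$now" | not_ready_pods)
        stale=0
        for pod in $old; do
            if printf '%s\n' "$new" | grep -qx "$pod"; then stale=1; fi
        done
        if [ -n "$new" ] && [ -z "$pending" ] && [ "$stale" -eq 0 ]; then
            echo "auth-idp replicas restarted:"
            printf '%s\n' "$new"
            return 0
        fi
        tries=$((tries + 1))
        sleep 10
    done
    echo "timed out waiting for auth-idp replicas" >&2
    return 1
}

# Runs only when requested: sh restart-auth-idp.sh --apply <namespace>
if [ "${1:-}" = "--apply" ]; then
    restart_auth_idp "$2"
fi
```

The check succeeds only when every listed auth-idp pod has a name that was not present before the delete, which matches the last step: each pod gets a new ID after the restart.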