Question & Answer
Question
What information should be collected to help IBM Support to troubleshoot OAuth problems in IBM API Connect?
Answer
The following information describes the documentation needed by IBM support to investigate the OAuth issue:
1. Describe the issue
1.1 Provide detailed problem description which includes error messages or unexpected results. Some screenshots might be very helpful to illustrate the error/unexpected results.
1.2 Provide some details regarding the basic configuration of the OAuth (which is experiencing the issue).You can answer the following questions, which might help us to get a clear understanding about the issue:
- What is the OAuth grant-type and Client-type being used for this?
- Which feature in the API is causing the issue? It might be helpful to see from the following links if that feature is supported for your current version:
- Is this a new configuration you are trying or it is an existing configuration which stopped working? If you can share any link/doc you are following, in case of a new configuration?
- What are the recent changes have been done before this issue started?
- Which API is facing the issue? Is it an OAuth Provider API or a consumer API (which is using a specific OAuth Provider API) ?
2. Recreate the issue and collect the following data
2.1 Provide the steps to re-create the issue
2.2 Provide the exact version you are using for APIC (CLI command output of "system show version") & DataPower (CLI command output of " show version")
2.3 This step is only applicable if you are using APIC V5 or API Connect 2018.x or v10.0.x with a V5 Compatible Gateway (Not recommended for a Production Gateway)
Enable the Probe from the application domain in DataPower WebGUI as following:
- Open the 'Control Panel -> 'Troubleshooting' page
- Select the Debug Probe tab near the top of the Troubleshooting Panel
- Look for the type of service you are using (i.e. MPGW)
- From the pull-down select the name of the service you are using
- Click on the Add Probe button
-
From the Debug tab of the Troubleshooting Panel, find the service where the probe was just enabled
Recreate the problem and make sure to note the start and finish time of your test to help us to analyze the logs and provide the transaction#
-
Select the magnifying glass under 'Probe' to view the transactions
-
Select 'Export Capture' and click Download to save to your machine
Disable the Probe
2.4 If you are using an API Gateway service for APIC 2018.x or APIC 10.0.x, please collect the gwd-log using the following instructions :
Collect API Connect gateway service log data by configuring the following log target in the API Connect application domain using the CLI.
--------------------
configure terminal
logging target gwd-log
type file
format text
timestamp zulu
size 50000
local-file logtemp:///gwd-log.log
event apic-gw-service debug
exit
exit
logging target gwd-log
type file
format text
timestamp zulu
size 50000
local-file logtemp:///gwd-log.log
event apic-gw-service debug
exit
exit
--------------------
To disable this level of logging (after you have recreated the issue), enter the following commands:
switch domain <API Gateway domain_name>
top; co
switch domain <API Gateway domain_name>
top; co
logging target gwd-log; admin-state disabled; exit
2.5 Set log-level : debug and generate an error-report from the application domain
- Login into your DataPower Application domain for API Connect
- Go to the “Control Panel”
- From the control panel, click the Troubleshooting icon
- Navigate to the Logging section
- Select the logging level from the Log Level list and set it to debug
- Click Set Log Level
For more information read our documentation on Setting the appliance log level.
Recreate the problem and make sure to note the start and finish time of your test to help us to analyze the logs
Recreate the problem and make sure to note the start and finish time of your test to help us to analyze the logs
- Go in Troubleshooting -> Reporting section -> click 'Generate Error Report'
- Go to File Management, temporary:/// and right click on the error-report file to download to your machine
Restore the log level back to the original value when the error report is generated.
2.6 An export of the API's involved in this issue
2.7 Provide an exact request/response you are using for invoking the API
3. Submit diagnostic data to the case
After you have collected the preceding information, and the case is opened, you can use this link to exchange information with IBM Technical Support for problem determination.
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSMNED","label":"IBM API Connect"},"Component":"Not Applicable","Platform":[{"code":"PF009","label":"Firmware"}],"Version":"All versions","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Was this topic helpful?
Document Information
Modified date:
28 March 2023
UID
swg22015173