IBM Support

LI81516: V5C GATEWAY IS INCORRECTLY SENDING API CONNECT'S APP CLIENT ID

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • V5C Gateway is incorrectly sending API Connect's App Client ID
to Third Party OAuth Provider as part of the Introspection
payload/call. This behavior make the Introspection call fail,
since the Third Party OAuth Provider will receive TWO different
Client IDs and will not know how to handle them.

Local fix

  • 



Problem summary


    

  • In v5c gateway, we were always sending the APIC client ID and
the scope to the third-party endpoint. Some customers don't want
to expose that information to the third-party endpoint.

    



Problem conclusion


    

  • We added a new request header which can control whether to send
the APIC client ID and scope to the third-party endpoint or not.
We won't send those two pieces of information to the third-party
endpoint by default after this fix.

    



Temporary fix


    

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    LI81516
    • 

  • Reported component name
    API CONNECT ENT
    • 

  • Reported component ID
    5725Z2201
    • 

  • Reported release
    18X
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2020-05-21
    • 

  • Closed date
    2020-10-27
    • 

  • Last modified date
    2020-10-27
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    
IT34286
    

    • 



Fix information


    

  • Fixed component name
    API CONNECT ENT
    • 

  • Fixed component ID
    5725Z2201
    • 



Applicable component levels


    

  • R18X  PSY
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSMNED","label":"IBM API Connect"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"18X","Line of Business":{"code":"LOB45","label":"Automation"}}]
              

                                                                    

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            29 September 2021
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback