I have BIG-IP APM installed , it is a simple Virtual Server with Access policy for OAuth Client/ Resouce server integrated with Okta. When I try to access a recource on the server it redirects me Okta and gets the access code but when connects to F5 APM again it Deny's the access and through following error.
Common/XXXOktaAP:Common:541531e8:/Common/XXXOktaAP_act_oauth_client_ag: OAuth Client: 'state' parameters do not match (expected=5XYrM28-OiGYD4UOwPf40gA, received=5xyrm28-oigyd4uowpf40ga) for server '/Common/XXXOktaServer' (client_id=0oa5rwhe5nmDhoiK8697)
It looks like iexpected vs received is just letters case sensitive, but I don't see this information anywhere in the communication request/response.
When I serched up for in tech docs I found this
OAuth Client: state parameters do not match
This is an internal APMD error; this error should not occur.
What does this mean? any help would be appreciated.
Ok found the root cause, problem is on ourside side. This is not a Browser driven environment but an headless client make these calls and it is manipulating the OAuth response to convert into lower case causing this failure.
Ok found the root cause, problem is on ourside side. This is not a Browser driven environment but an headless client make these calls and it is manipulating the OAuth response to convert into lower case causing this failure.
