CWOAU

CWOAU0001I: Initializing OAuth 20 providers.
Explanation Initialization of the OAuth modules has started.
Action None, informational only.
CWOAU0002I: OAuth TAI enabled successfully.
Explanation Enablement of the OAuth TAI completed successfully.
Action None, informational only.
CWOAU0003I: OAuth Provider created successfully.
Explanation Creation of the OAuth provider completed successfully.
Action None, informational only.
CWOAU0004E: Error: admin commands must run in connected mode to a started server.
Explanation OAuth administration commands require a running server environment to modify settings.
Action Start the server or deployment manager and try again.
CWOAU0005I: OAuth Provider deleted successfully.
Explanation Deletion of the OAuth provider completed successfully.
Action None, informational only.
CWOAU0006E: Filename already exists.
Explanation The specified filename must not exist.
Action Specify a new file name.
CWOAU0007E: OAuth provider not found.
Explanation The specified OAuth provider does not exist.
Action Check the OAuth provider name and try again.
CWOAU0008I: Configuration successfully written to {0}
Explanation The command has completed successfully.
Action None, informational only.
CWOAU0009E: File not found: {0}
Explanation The specified file name does not exist.
Action Check the file name and try again.
CWOAU0010I: Configuration imported successfully.
Explanation The command has completed successfully.
Action None, informational only.
CWOAU0011I: OAuth20MBean processing command {0}.
Explanation The OAuth MBean on this node has been invoked to run a command.
Action None, informational only.
CWOAU0012E: Error initializing OAuth framework
Explanation The OAuth framework failed to initialize.
Action Refer to the exception details for further information.
CWOAU0013I: OAuth20ClientMBean processing command {0}.
Explanation The OAuth MBean on this node has been invoked to run a command.
Action None, informational only.
CWOAU0014E: No OAuth Client MBeans found, in-memory client table operations will fail.
Explanation A configuration error has retrieved registration or lookup of MBeans of type OAuth20ClientMBean.
Action Refer to the MBean registration trace logs for further details.
CWOAU0015E: Failed to delete the client with id = {0}.
Explanation The client provider failed to delete the specified client because of an internal error.
Action None, informational only.
CWOAU0016E: Failed to update the client with id = {0}.
Explanation The client provider failed to update the specified client because of an internal error.
Action None, informational only.
CWOAU0017E: Failed to create the client.
Explanation The client provider failed to create a new client because of an internal error.
Action None, informational only.
CWOAU0018E: Cannot get request dispatcher specified by configuration {0} at context={1} path={2}.
Explanation The OAuth20 endpoint servlet cannot find the specified request dispatcher to render the template.
Action Double check the configuration parameter and make sure the specified context root and path exist.
CWOAU0019E: You are not authorized to access this protected resource.
Explanation The username parameter in the OAuth request was either not specified or was a null string.
Action Specify a valid username parameter in the OAuth request.
CWOAU0020E: The authorization code {0} does not belong to the client attempting to use it: {1}.
Explanation The client_id parameter specified in the OAuth request does not match the client ID value in the authorization code. These values should match. One reason for this error is that that the client_id parameter in the OAuth request was modified during the OAuth flow.
Action Make sure the value of the client_id parameter in the OAuth request is the same client ID value that was used when obtaining the authorization code.
CWOAU0021E: The parameter [{0}] contains an illegally formatted value: [{1}].
Explanation The value of scope parameter in the OAuth request is not valid. The scope parameter must only contain the following hexidecimal characters: [x21, x(23 through 5B), x(5D through 7E)]
Action Make sure the scope parameter only contains characters that are supported.
CWOAU0022E: The following OAuth parameter was provided more than once in the request: {0}
Explanation The same parameter was specified multiple times in the OAuth request.
Action Double check the parameter in the OAuth request and make sure it is specified only once.
CWOAU0023E: The OAuth service provider could not find the client {0}.
Explanation The OAuth service provider could not find the client specified in the value of the client_id parameter in the OAuth request.
Action Make sure the client is registered with the OAuth service provider or specify a registered client for the client_id parameter value. Also, ensure that the client is enabled in the OAuth service provider configuration.
CWOAU0024E: The OAuth client {0} presented an invalid client secret in the OAuth request.
Explanation The value of client_secret parameter in the OAuth request was not valid.
Action Check the value of the client_secret parameter in the OAuth request and make sure it matches the client secret value of the registered client in the OAuth service provider configuration.
CWOAU0025E: The grant_type parameter was invalid: {0}
Explanation The value of the grant_type parameter in the OAuth request is not valid.
Action Make sure the value of the grant_type parameter in the OAuth request is from one of the following values: authorization_code, password, client_credentials, refresh_token, implicit, urn:ietf:params:oauth:grant-type:jwt-bearer
CWOAU0026E: The redirect URI parameter was invalid: {0}
Explanation The value of the redirect URI parameter in the OAuth request may not be a valid absolute URI.
Action Make sure the value of the redirect URI parameter in the OAuth request is a valid absolute URI value.
CWOAU0027E: The response_type parameter was invalid: {0}
Explanation The value of the response_type parameter in the OAuth request is not valid.
Action Check the value of the response_type parameter in the OAuth request and make sure it contains one of the following values: code, token.
CWOAU0028E: The requested scope: [{0}] exceeds the scope granted by the resource owner: [{1}].
Explanation The value of the scope parameter in the OAuth request cannot be broader than the scope approved for the client.
Action Check the value of the scope parameter in the OAuth request and make sure it is equal to or a subset of the scope that was approved by the resource owner.
CWOAU0029E: The token with key: {0} type: {1} subType: {2} was not found in the token cache.
Explanation The OAuth token was either not in the cache, or the token type or subType did not match the expected value.
Action Make sure the client associated with the token is not disabled in the OAuth provider configuration. Also make sure the type and subType of the token both have the values that are expected.
CWOAU0030E: An invalid HTTP method was used at the token endpoint: {0}
Explanation The HTTP method used by the OAuth client is not valid.
Action Make sure the client uses the HTTP POST method.
CWOAU0031E: The client_id passed in the request to the token endpoint: {0} did not match the authenticated client provided in the API call: {1}
Explanation The value of the client_id parameter in the API call did not match the client ID in the authorization code that was sent to the client.
Action Check the client_id parameter in the OAuth request or API call and make sure it matches the client ID that was used when obtaining the authorization code.
CWOAU0032E: The received redirect URI: {0} does not match the redirect URI the grant was issued to: {1}
Explanation The value of the redirect_uri parameter in the OAuth request does not match the redirect URI attribute in the registered client.
Action Check the value of the redirect_uri parameter in the OAuth request and make sure it matches the redirect URI attribute that exists in the registered client.
CWOAU0033E: A required runtime parameter was missing: {0}
Explanation The OAuth provider runtime code did not find a required parameter when processing the client request.
Action Check the missing parameter in the OAuth request and make sure that it is specified.
CWOAU0034E: A public client attempted to access the token endpoint using the client_credentials grant type. The client_id is: {0}
Explanation An OAuth public client is not allowed to use the client_credentials grant type.
Action Check the value of the grant_type parameter in the OAuth request and use a different grant type for the public client.
CWOAU0035E: A public client attempted to access the token endpoint and public clients are forbidden in this component configuration. The client_id is: {0}
Explanation The OAuth provider is configured to not allow public clients to access the token endpoint.
Action If you intend to allow access to public clients, set the allowPublicClients attribute to true in the OAuth provider configuration.
CWOAU0036E: The refresh token: {0} does not belong to the client attempting to use it: {1}
Explanation The value of the client_id parameter in the OAuth request does not match the client ID in the refresh token.
Action Check the value of the client_id parameter in the OAuth request and make sure it matches the client ID that is contained in the refresh token.
CWOAU0037E: HTTP scheme is used at the specified endpoint: {0}, HTTPS is required.
Explanation The OAuth provider requires the OAuth request to use HTTPS, but HTTP was used in the request URL.
Action Check the request URL in the OAuth request and make sure it uses HTTPS.
CWOAU0038E: The client could not be verified. Either the client ID: {0} or client secret is incorrect.
Explanation The OAuth provider could not verify the client.
Action Check that the client ID and client secret are valid and they match the configuration of the OAuth client and OpenID Connect client.
CWOAU0039A: Authorization failed for user {0} The user is not granted access to any of the required roles for OAuth 2.0 and the OpenID Connect request.
Explanation The user does not have the necessary permission to access the resource of OAuth 2.0 and OpenID Connect.
Action Contact your security administrator if this is unexpected. Your user must be mapped to one of the roles of the OAuth web application security role map.
CWOAU0039W: The request directed to the endpoint URL of [{0}] was not recognized by the OAuth provider as a valid request.
Explanation OAuth 2.0 and OpenID Connect requests are expected to be directed to a specific subset of endpoints. The request URL might not have been formatted correctly, or the request was directed to a context or endpoint that does not support these requests.
Action Check the path of the request to make sure it is properly formatted and directed to a valid endpoint that supports OAuth 2.0 or OpenID Connect requests, whichever is appropriate.
CWOAU0041E: The filter criteria matched for more than one provider [{0}] for processing the request. The filter criteria should not overlap between providers.
Explanation OAuth 2.0 and OpenID Connect requests are expected to be directed to a specific provider based on the filter criteria. However, this request met the criteria for multiple provider filter configurations.
Action Check the filter configuration of each provider to make sure the filter criteria do not overlap between multiple providers.
CWOAU0042E: The authorization request [{0}] parameter value: [{1}] is not valid because it has a value of ''none'' in addition to other values.
Explanation The prompt parameter must not contain other values when a value of 'none' is specified.
Action Specify only the 'none' value in the prompt parameter or specify the other values without the 'none' value.
CWOAU0043E: The OAuth authorization endpoint could not redirect the user agent to the redirection URI [{0}] because there was an unexpected java.io.IOException with message: {1}
Explanation There was an unexpected java.io.IOException while attempting to redirect to the client's redirection URI.
Action Review the exception message.
CWOAU0044E: The OAuth authorization endpoint could not process the OAuth request because there was no issuer identifier found.
Explanation The issuer identifier is missing and it is required to complete the OAuth resource request. This is an internal server error.
Action None.
CWOAU0045E: The OAuth token endpoint could not write the HTTP response to the OAuth client {0} because there was an unexpected exception with message: {1}
Explanation There was an unexpected exception while attempting to write the HTTP response for an OAuth token request.
Action Review the exception message.
CWOAU0046E: The OAuth token endpoint could not process the OAuth request because there was no issuer identifier found.
Explanation The issuer identifier is missing and it is required to complete the OAuth token request. This is an internal server error.
Action None.
CWOAU0047E: The OAuth service provider could not decode an HTTP request query string parameter because there was an unexpected java.io.UnsupportedEncodingException.
Explanation There was an unexpected java.io.UnsupportedEncodingException while attempting to decode an HTTP request query string parameter from the 'application/x-www-form-urlencoded' MIME format for an OAuth token or resource request.
Action None.
CWOAU0048E: The configuration parameter [{0}] is not set.
Explanation The OAuth20 provider cannot process the request because the required configuration parameter is not set.
Action Check the configuration parameter and make sure the required configuration parameter is configured.
CWOAU0049E: The specified class with the configuration parameter [{0}] does not match the required interface class [{1}].
Explanation The OAuth20 provider cannot construct the specified class because the specified class does not match the required interface class.
Action Check the configuration parameter and make sure the specified class is an implementation class of the required interface class.
CWOAU0050E: The specified class [{0}] with the configuration parameter [{1}] cannot be instantiated. The root exception is : {2}
Explanation The OAuth20 provider cannot instantiate the specified class.
Action Review the exception message.
CWOAU0051E: The configuration value [{1}] which is specified with the configuration parameter [{0}] is not valid.
Explanation The OAuth20 provider cannot process the request because the specified configuration parameter is invalid.
Action Check the configuration parameter and make sure the specified value is valid.
CWOAU0052E: The value of the configuration parameter [{0}] does not match the grant_type parameter [{1}] in the OAuth request.
Explanation The OAuth20 provider cannot process the request because the grant_type parameter in the request is not allowed to process.
Action Check the configuration parameter and make sure the specified value is consistent with the grant_type parameter in the OAuth request.
CWOAU0053E: The value of the configuration parameter [{0}] does not match the response_type parameter [{1}] in the OAuth request.
Explanation The OAuth20 provider cannot process the request because the response_type parameter in the request is not allowed to process.
Action Check the configuration parameter and make sure the specified value is consistent with the respose_type parameter in the OAuth request.
CWOAU0054E: The userClientTokenLimit in the token cache with userID "{0}" and clientID "{1}" has been exceeded or reached. The limit is: {2}.
Explanation The same user has too many active sessions with the same OAuth20 provider.
Action Either increase the value of the userClientTokenLimit attribute in the configuration to increase the size of the token cache, or use a different user/client combination, such as a different client.
CWOAU0055E: The redirect URI specified in the registered client of the OAuth provider is not valid: {0}
Explanation The value of the redirect attribute in the OAuth provider's registered client may not be a valid absolute URI.
Action Make sure the value of the redirect attribute in the OAuth provider's registered client configuration is a valid absolute URI value.
CWOAU0056E: The redirect URI parameter [{0}] provided in the OAuth or OpenID Connect request did not match any of the redirect URIs registered with the OAuth provider [{1}].
Explanation The value of the redirect_uri parameter specified in the OAuth or OpenID Connect request does not match any of the redirect URI values specified in the registered client of the OAuth provider.
Action Make sure the value of the redirect_uri parameter in the OAuth or OpenID Connect request matches one of the redirect URI values specified in the registered client configuration.
CWOAU0057E: The response_type parameter [{0}] in the OAuth or OpenID Connect request cannot include both [{1}] and [{2}] as response types.
Explanation The OAuth or OpenID Connect request should have only one response type.
Action Check the value of the response_type parameter in the OAuth or OpenID Connect request and make sure it contains only one response type.
CWOAU0058E: The OAuth token with key [{0}], type [{1}], and subType [{2}] has expired.
Explanation The OAuth token has expired and is no longer valid.
Action Request a new OAuth token from the OAuth provider.
CWOAU0059E: The OAuth token with key [{0}], type [{1}], and subType [{2}] is not associated with any client, or the associated client is not enabled.
Explanation The OAuth token is not associated with any client, or the associated client has been disabled in the configuration.
Action Check the OAuth provider client configuration to make sure the appropriate client is configured and enabled.
CWOAU0060E: The redirect URI included in the OAuth or OpenID Connect request is {0}, but a non-null redirect URI is provided in the request for the authorization grant: {1}
Explanation If no redirect URI is included in the request, then a redirect URI must not have been specified in the request for the authorization grant.
Action Check the value of the redirect_uri parameter in the OAuth or OpenID Connect request and make sure it matches the redirect URI attribute that exists in the registered client, or do not include a redirect URI in the request for the authorization grant.
CWOAU0061E: The OAuth service provider could not find the client because the client name is not valid. Contact your system administrator to resolve the problem.
Explanation The OAuth service provider could not find the client specified in the value of the client_id parameter in the OAuth request.
Action Contact your system administrator to resolve the problem.
CWOAU0062E: The OAuth service provider could not redirect the request because the redirect URI was not valid. Contact your system administrator to resolve the problem.
Explanation Either the value of the redirect attribute in the OAuth provider's registered client may not be valid or, if the redirect_uri parameter is specified in the OAuth request, its value does not match the redirect URI value specified in the OAuth provider's registered client.
Action Contact your system administrator to resolve the problem.
CWOAU0063E: The token endpoint request failed because of two different client_id(s) in the request. One of the client_id(s) is {0} and another is {1} which is authenticated and very likely passed in through the Authorization header.
Explanation The value of the client_id parameter in the request did not match the authenticated client_id which is passed in through the request as well.
Action Make sure only only one authenticated client_id is in the request. A client_id can be passed through the Authorization header or the parameter of a request.
CWOAU0064E: The requested scope [{0}] and registered scope [{1}] of the client [{2}] does not have a common scope among them. The resultant scope is empty.
Explanation The requested scope set and the registered scope set must have at least one common scope between them.
Action Make sure requested and registered scope sets have at least one common scope between them.
CWOAU0065E: The authorization server cannot process the [{0}] request. It is missing the required scope parameter.
Explanation The OpenID Connect request must have a scope with a non empty string.
Action Make sure that the OpenID Connect request has a valid scope parameter.
CWOAU0066E: The token endpoint request failed because of too many requests from the same user.
Explanation The same user has too many active sessions with the same OAuth20 provider.
Action Either increase the value of the userClientTokenLimit attribute in the configuration to increase the size of the token cache, or use a different user/client combination, such as a different client.
CWOAU0067E: The request has been denied by the user, or another error occurred that resulted in denial of the request.
Explanation The user has either denied the OAuth request by canceling the request on the scope consent form, or some other error has occurred that has denied access to the OAuth request.
Action The user must allow the OAuth provider to share the scopes that the client requires in order for the OAuth request to succeed. If the user approved the request, check the logs on the OAuth provider for any additional errors.
CWOAU0068E: The request on the OpenID Connect authorization endpoint failed because the requested scope for [{0}] client is not allowed by the client configuration.
Explanation The client configuration must contain a list of scopes allowed for the client, otherwise the OpenID Connect authorization requests fail.
Action Make sure you register a list of scopes in the client configuration of the OpenID Connect Provider. Set the scope to the allowed scopes or to ALL_SCOPES in the case where all scopes are acceptable.
Reference topic    

Terms and conditions for product documentation | Feedback

Last updated: Apr 17, 2017 8:10:18 PM CDT
http://publib.boulder.ibm.com/infocenter/wasinfo/v7r0/index.jsp?topic=/com.ibm.websphere.messages.doc/com.ibm.ws.security.oauth20.resources.ProviderMsgs.html

© Copyright IBM Corporation 2006, 2011. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)