HTTP-based requests using the CLIENT_CERT in IDM 6.5

This topic has 1 reply, 2 voices, and was last updated 2 weeks ago by Jatinder Singh.

  • Author
    Posts
  • #28347
     waseem.syed
    Participant

    Hi,

    We are using ForgeRock 6.5 version of IDM.
    I can see there are some additional notes provided in IDM 7 version documentation on how to make HTTP-based requests using the CLIENT_CERT authentication module (https://backstage.forgerock.com/docs/idm/7/security-guide/auth-session-modules.html#client-cert-module).

    I tried using X-Requested-With header to make HTTP-based requests using the CLIENT_CERT authentication module but it is giving me “403 Forbidden access” error while using IDM 6.5 but it works fine in IDM 7.

    Can someone please help in providing details on how to make HTTP-based requests using the CLIENT_CERT authentication in IDM 6.5?

    Thanks,
    Waseem

    #28354
     Jatinder Singh
    Participant

    The Authorization and Access Control implementation has changed between v6.5 and v7.0. A 403 message indicates authorization related issue. I would suggest to set logging at FINE or FINEST and look for the actual exception. If it’s authorization related which is very likely, check script/access.js for /managed/user related access rules.

    Hope this helps!

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

©2020 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?