This topic has 4 replies, 3 voices, and was last updated 1 month, 4 weeks ago by Scott Heger.

  • Author
  • #27767


    I try to invoke the OIDC implicit flow, but fail. What works:

    – authorization code grant
    – resource owner password grant
    – refresh token grant

    So the client is correctly setup. I’m on OpenAM and in the “Advanced” tab in the OAuth2 client configuration, I added “Implicit” to the “Grant Types”. I would therefore expect, that this should get me to the authorization page:

    But I get:

    error_description=Response type is not supported.

    There is nothing more – I tried to enable debug logging, but while there is _some_ logging it is not debug level.

    So can someone help me, why the implicit flow does not work? (Yes I know its problems, but I first want to setup a working development setup and then choose the flow to use). Or can someone tell me how to get some sane debugging into OpenAM?

    Thank you


     Jatinder Singh

    Please ensure the “id_token” response type plugins is available in your OAuth2 Provider. If not, add the below:



    Thank you! That was the missing piece.

     Jatinder Singh

    I am glad I could help. Also, useful is to check well-known OIDC configuration page for supported response types. If a response type you plan to use is missing from the “response_types_supported” field – you know a plugin is likely not there and need to be added.

     Scott Heger

    This is a common problem people run into when they initially set up their OAuth Provider via the Common Tasks in the Realm Dashboard. If you configure it as just an OAuth 2.0 Provider is doesn’t include id_token as a response type. I always recommend choosing the “Configure OpenID Connect” option just so it is there in case you decide to use OIDC in the future. Adding it manually like @jsingh recommended or by going through the Common Tasks and selecting Configure OAuth Provider -> Configure OpenID Connect would fix it as well.

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.

©2020 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?