I have an application which gets authenticated using OpenAM REST API, once I login to J2EE application successfully on the same browser on a new tab if I try to access /openam url, my expectation it should load the user profile page (basically openam should get authenticated) as user access token is available in appl header but it takes me to openam login page though I have a authenticated appln with token available in cookie.
In this scenario domain of appl and openam is same but the nodes are different.
whats goes wrong why openam couldn’t get the user token get authenticated successfully ?
After your application authenticates via the REST API is it setting the returned tokenId as a cookie in the user’s browser? If so, is it setting the correct cookie name and is it setting the cookie to the host (i.e. developer.xyz.com) or the domain (xyz.com)?