Problem with ssoadm add-svc-realm

  • #19701
     mtuhin 
    Participant

    Hi, I am evaluating AM 5.5.1 and, as part of configuring OAuth2Provider, I use the ssoadm dobatch option. In the dobatch file, I have a command like the one below:

    add-svc-realm -e FR -s OAuth2Provider -a “forgerock-oauth2-provider-jwt-token-lifetime=7200” “forgerock-oauth2-provider-keypair-name=oidc-signing-key” “moduleMessageEnabledInPasswordGrant=True” “forgerock-oauth2-provider-issue-refresh-token-on-refreshing-token=True” “forgerock-oauth2-provider-saved-consent-attribute=” “forgerock-oauth2-provider-amr-mappings=” “MapValueValidator=com.sun.identity.common.configuration.MapValueValidator” “forgerock-oauth2-provider-code-verifier-enforced=false” “forgerock-oauth2-provider-claims-parameter-supported=false” “storeOpsTokens=False” “forgerock-oauth2-provider-access-token-lifetime=7200” “forgerock-oauth2-provider-oidc-claims-extension-script=36863ffb-40ec-48b9-94b1-9a99f71cc3b5” “forgerock-oauth2-provider-loa-mapping=” “tokenSigningHmacSharedSecret=gU3qocfMKdb5jIbOlcq7D5iJEBOJc1sRPcqrjzNOP/0=” “forgerock-oauth2-provider-id-token-signing-algorithms-supported=HS256” “forgerock-oauth2-provider-id-token-signing-algorithms-supported=HS384” “forgerock-oauth2-provider-id-token-signing-algorithms-supported=HS512” “forgerock-oauth2-provider-id-token-signing-algorithms-supported=RS256” “supportedIDTokenEncryptionMethods=A128CBC-HS256” “supportedIDTokenEncryptionMethods=A256CBC-HS512” “forgerock-oauth2-provider-scope-implementation-class=org.forgerock.openam.oauth2.OpenAMScopeValidator” “forgerock-oauth2-provider-created-attribute-name=” “displayNameAttribute=cn” “forgerock-oauth2-provider-refresh-token-lifetime=604800” “devicePollInterval=5” “forgerock-oauth2-provider-issue-refresh-token=True” “forgerock-oauth2-provider-response-type-map-class=code|org.forgerock.oauth2.core.AuthorizationCodeResponseTypeHandler” “forgerock-oauth2-provider-response-type-map-class=id_token|org.forgerock.openidconnect.IdTokenResponseTypeHandler” “forgerock-oauth2-provider-response-type-map-class=token|org.forgerock.oauth2.core.TokenResponseTypeHandler” “forgerock-oauth2-provider-authentication-attributes=uid” 
“forgerock-oauth2-provider-generate-registration-access-tokens=False” “forgerock-oauth2-provider-supported-scopes=address|Your postal address” “forgerock-oauth2-provider-supported-scopes=email|Your email address” “forgerock-oauth2-provider-supported-scopes=openid|” “forgerock-oauth2-provider-supported-scopes=phone|Your telephone number(s)” “forgerock-oauth2-provider-supported-scopes=profile|Your personal information” “forgerock-oauth2-provider-supported-scopes=session|Minimum data for session” “forgerock-oauth2-provider-supported-scopes=srv2srv|Service to service access” “completionUrl=” “idTokenInfoClientAuthenticationEnabled=True” “tokenSigningECDSAKeyAlias=” “statelessTokensEnabled=True” “forgerock-oauth2-provider-modified-attribute-name=” “supportedIDTokenEncryptionAlgorithms=RSA1_5” “clientsCanSkipConsent=True” “forgerock-oauth2-provider-authorization-code-lifetime=120” “forgerock-oauth2-provider-allow-open-dynamic-registration=false” “forgerock-oauth2-provider-default-scopes=address” “forgerock-oauth2-provider-default-scopes=email” “forgerock-oauth2-provider-default-scopes=openid” “forgerock-oauth2-provider-default-scopes=phone” “forgerock-oauth2-provider-default-scopes=profile” “alwaysAddClaimsToToken=True” “customLoginUrlTemplate=https://auth.devstage-aws.company_name.fr/login?goto=${goto}” “forgerock-oauth2-provider-hash-salt=nHNPmwZAedg7” “deviceCodeLifetime=300” “forgerock-oauth2-provider-supported-claims=address|Postal address” “forgerock-oauth2-provider-supported-claims=email|Email address” “forgerock-oauth2-provider-supported-claims=family_name|Family name” “forgerock-oauth2-provider-supported-claims=given_name|Given name” “forgerock-oauth2-provider-supported-claims=locale|Locale” “forgerock-oauth2-provider-supported-claims=name|Full name” “forgerock-oauth2-provider-supported-claims=phone_number|Phone number” “forgerock-oauth2-provider-supported-claims=profile|Your personal information” “forgerock-oauth2-provider-supported-claims=zoneinfo|Time zone” 
“verificationUrl=” “forgerock-oauth2-provider-default-acr=” “tokenSigningAlgorithm=RS256” “forgerock-oauth2-provider-subject-types-supported=public”

    But when I execute the command, I get the error: “Incorrect data format, postal.” Has anyone encountered such an error?

    I noticed that I get similar errors for all the property values with ‘|’ in them.


©2017 ForgeRock
