Thursday, August 10, 2023

Jira Data Center error "We cant log you in right now" message while trying to log in to Confluence using SSO

Error: "We cant log you in right now" message while trying to log in to Jira using SSO.

Issue: Once you are authenticated by Okta or any other IdP, the IdP sends the user to Jira (or whichever SP is in use). It looks like the SP is not reachable from the IdP to send users to. Check your networking configuration to confirm that communication is working between these applications.

Thursday, August 3, 2023

Okta CrowdStrike integration and Zero Trust Assessment (ZTA) troubleshooting

Okta side
1. Enable the integration between CrowdStrike and Okta.
2. Configure Endpoint Security.
3. Implement an Authentication Policy with overallscore logic.
4. Enable/configure FastPass. Users have to use FastPass when logging in, otherwise ZTA will not be enforced.
5. Install the Okta client agent on the target system.

CrowdStrike side
1. Make sure both integrations are done:
   1. Okta to CrowdStrike using SAML or OIDC
   2. Enable ZTA in Okta
2. Install/configure the CrowdStrike agent.

Application side (where you are trying to implement ZTA)
1. Install/configure Okta Verify/FastPass on the computer you are trying to log in from.

Wednesday, July 19, 2023

Okta AWS IAM Identity Center Integration error "Something went wrong Looks like this code isn't right. Please try again."

Error: Something went wrong Looks like this code isn't right. Please try again.

Scenario: You integrated Okta with AWS Identity Store following the Okta instructions, but when you test, you get this error.

Reason: Okta is sending an attribute value that does not exist in AWS Identity Store. The value in Okta and the value in AWS Identity Store do not match.

Solution: IAM Identity Center is like a directory. When you log in to AWS, you are being authenticated by a different store, so you need to make sure the users who are going to log in to IAM Identity Center have their user information there. Either change the username value on the Provisioning tab of IAM Identity Center in Okta, or match the default username value to the "IAM Identity Center" user information.

Tuesday, April 25, 2023

JIRA SSO with OAM 12c issue

After integrating Jira with OAM 12c, the user lands on the OAM error page after authenticating at OAM. It is not an integration issue. The message in the error logs is about the Relay State, which is misleading. Here is what I did to fix it.

Solution: Change the Federation configuration on Jira (the SP). Change "Identity Provider Single Sign on URL" so that the SAML Request is sent to OAM at https://your server name .com/oamfed/idp/samlv20 instead of https://your servername.com/oam/server/fed/sp/sso. Making this change fixes the integration issue: Jira gets the response from the new URL and forwards the user to the Jira page.
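A diagnostic for the misconfiguration described above, as an added example that is not part of the original post: it decodes the SAMLRequest that the SP sends and reports whether the request URL and the Destination attribute use the IdP path from the post. It assumes the HTTP-Redirect binding; the host sso.example.com and the function names are assumptions, and the sample request is constructed.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import urlparse, parse_qs, quote

# Paths from the post: the IdP endpoint that works and the one that ends on the OAM error page.
IDP_SSO_PATH = "/oamfed/idp/samlv20"
WRONG_PATH = "/oam/server/fed/sp/sso"


def decode_saml_request(redirect_url):
    """Decode the SAMLRequest parameter of an HTTP-Redirect binding URL into XML text."""
    query = parse_qs(urlparse(redirect_url).query)
    if "SAMLRequest" not in query:
        raise ValueError("no SAMLRequest parameter in URL")
    raw = base64.b64decode(query["SAMLRequest"][0])
    # The redirect binding uses raw DEFLATE (no zlib header), hence wbits=-15.
    return zlib.decompress(raw, -15).decode("utf-8")


def check_sso_target(redirect_url):
    """Return (ok, findings) for the URL the SP redirects the browser to."""
    findings = []
    request_path = urlparse(redirect_url).path
    # Parsing your own SP's request; use a hardened XML parser for untrusted input.
    dest = ET.fromstring(decode_saml_request(redirect_url)).get("Destination", "")
    for label, path in (("request URL", request_path), ("Destination", urlparse(dest).path)):
        if path.rstrip("/") == WRONG_PATH:
            findings.append(f"{label} points at the SP endpoint {WRONG_PATH}")
        elif path.rstrip("/") != IDP_SSO_PATH:
            findings.append(f"{label} has unexpected path {path!r}")
    return (not findings, findings)


def build_sample(host, path):
    """Constructed sample: a minimal AuthnRequest encoded as the redirect binding does."""
    xml = ('<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
           f'ID="_constructed1" Version="2.0" Destination="https://{host}{path}"/>')
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    deflated = comp.compress(xml.encode()) + comp.flush()
    return f"https://{host}{path}?SAMLRequest={quote(base64.b64encode(deflated), safe='')}"


if __name__ == "__main__":
    for p in (WRONG_PATH, IDP_SSO_PATH):
        print(p, check_sso_target(build_sample("sso.example.com", p)))
```

To check a real deployment, copy the redirect URL from the browser's network tab after clicking the SSO login and pass it to check_sso_target.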

Saturday, March 25, 2023

OAM 12c Jan 2023 bundle patch error [FAILED] Environment has not met the minimum DBClient version(Database_Client 12.2.1.19.0) requirement.

Error when running the pre-stop OID command: [FAILED] Environment has not met the minimum DBClient version(Database_Client 12.2.1.19.0) requirement.

Solution: Run the following command to fix the issue. To do so, shut down the OID, run the command below, and start the OID again.

../../../IDM_SPB_12.2.1.4.230117/tools/spbat/generic/SPBAT/logs/bas01occsiidm02_oid_12.2.1.4.230117/preCheck/dbclient/dbclient_upgrade.sh

Wednesday, March 8, 2023

Monday, January 23, 2023

Error Trigger Listener QuartzTriggerListener.triggerMisfired

Solution: To fix this issue, increase the dataBasePoolSize. This setting is in oim-config.xml: export the MDS schema, update this value, and import it again.

Friday, January 20, 2023

Command to check keystore aliases in Linux

keytool -list -keystore /../../../jdk/jdk1.8.0_341/jre/lib/security/cacerts -storepass changeit | grep Alias

Wednesday, January 11, 2023

OAM 12c error Caused By: oracle.security.fed.controller.frontend.action.RequestHandlerRuntimeException: An error occurred while verifying/signing/encrypting/decrypting a message java.security.NoSuchAlgorithmException: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 Signature not available; oracle.security.fed.security.util.CryptoException: java.security.NoSuchAlgorithmException: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 Signature not available

Error: Caused By: oracle.security.fed.controller.frontend.action.RequestHandlerRuntimeException: An error occurred while verifying/signing/encrypting/decrypting a message java.security.NoSuchAlgorithmException: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 Signature not available; oracle.security.fed.security.util.CryptoException: java.security.NoSuchAlgorithmException: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 Signature not available

Reason: This error happened once we applied the OCT 2022 patch and changed the algorithm from sha1 to sha256. It is a bug, and Oracle provided the patch: Oracle Access Manager (OAM) Federation Login Flow Fails "Incorrect username or password was specified" After Applying OAM BUNDLE PATCH 12.2.1.4.220906 (Doc ID 2905580.1)

Solution: Apply the above bundle patch to fix the issue.

Once the certificate is updated, follow the steps below to update the database

Once the certificate is updated, do the following:

downloadAccessArtifacts(domainHome="/../../domains/IAMAccessDomain",propsFile="/../dbschema.properties")

Upload all certs into .oamkeystore and amtruststore.

saveAccessArtifacts(domainHome="/config/oam_domain",propsFile="/config/oam/oam_domain/bin/dbschema.properties")

If you don't run the save command, the new information will not show up.

Tuesday, January 3, 2023

OAM 12c SAML Response needs value in firstname.lastname format in the response

Requirement: The SAML response should carry the username as firstname.lastname, but our username attribute from OUD holds the email address. Tableau requires the username attribute in this format.

Solution: In the SAML response, we concatenate the firstname and lastname values to build the username attribute value. Here is the expression we used for the username value in the SAML response:

${user.attr.givenname}.${user.attr.sn}

The result was firstname.lastname.