Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1300
Views
0
Helpful
5
Replies

Bad Request for SSO Request URI?

rey.lim
Level 1
Level 1

‎03-31-2017 01:50 PM

Hi,

I'm going through some Jabber SDK tutorials and working on SSO authentication. My sample app successfully discovers the CUCM server but the issue arises when it attempts to generate the request URI and get a response from the server:

Request URI:

https://<CUCM SERVER>:8443/ssosp/oauth/authorize?scope=UnifiedCommunications:readwrite&response_type=token&client_id=<TOKEN>&redirect_uri=http%3A%2F%2F<APP ADDRESS>%2Fsample%2Fredirect.html

Error Response:

{"error":INVALID_REQUEST,"error_description":"The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed."}

I'm looking through the SDK and the request URI it generates seems to be correct. Any ideas on what else to check to debug this issue?

Thanks

Labels:
0 Helpful
5 Replies 5

dstaudt
Cisco Employee
Cisco Employee

‎03-31-2017 02:41 PM

Can you provide a link to the tutorial info you are referring to?

If you are using the Jabber Web SDK, then SSO transactions (including building the SSO kickoff URI) are mostly transparently handled for you:

Tutorial: Single Sign On

If you are using either CUCM/UDS or CUC/CUMI APIs instead, then this tutorial is relevant:

https://developer.cisco.com/site/sso/

Specific to building the request URI:

Cisco DevNet: SSO

0 Helpful

rey.lim
Level 1
Level 1
In response to dstaudt

‎03-31-2017 02:45 PM

The first link that you have is what i'm using. However, when it launches the SSO window, I get the 400 error. I'm stuck in terms of trying to figure out the root cause of the issue. Could be a setting on the authentication service perhaps?

0 Helpful

dstaudt
Cisco Employee
Cisco Employee
In response to rey.lim

‎03-31-2017 03:00 PM

My guess would be that the redirect URI has not been configured on CUCM, and so is being rejected by the SSO kickoff request.  Can you confirm it is set under System/Enterprise Parameters/SSO Configuration/Redirect URIs for Third Party SSO Client:

(if there are two are more, then each should be comma-separated)

0 Helpful

rey.lim
Level 1
Level 1
In response to dstaudt

‎03-31-2017 03:06 PM

If it isn't, the URL here would need to be my app's redirect page right?

0 Helpful

dstaudt
Cisco Employee
Cisco Employee
In response to rey.lim

‎04-03-2017 07:53 AM

Correct

0 Helpful
Customers Also Viewed These Support Documents