cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1854
Views
0
Helpful
5
Replies

Bad Request for SSO Request URI?

rey.lim
Level 1
Level 1

Hi,

I'm going through some Jabber SDK tutorials and working on SSO authentication. My sample app successfully discovers the CUCM server but the issue arises when it attempts to generate the request URI and get a response from the server:

Request URI:

https://<CUCM SERVER>:8443/ssosp/oauth/authorize?scope=UnifiedCommunications:readwrite&response_type=token&client_id=<TOKEN>&redirect_uri=http%3A%2F%2F<APP ADDRESS>%2Fsample%2Fredirect.html

Error Response:

{"error":INVALID_REQUEST,"error_description":"The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed."}

I'm looking through the SDK and the request URI it generates seems to be correct. Any ideas on what else to check to debug this issue?

Thanks

5 Replies 5

dstaudt
Cisco Employee
Cisco Employee

Can you provide a link to the tutorial info you are referring to?

If you are using the Jabber Web SDK, then SSO transactions (including building the SSO kickoff URI) are mostly transparently handled for you:

Tutorial: Single Sign On

If you are using either CUCM/UDS or CUC/CUMI APIs instead, then this tutorial is relevant:

https://developer.cisco.com/site/sso/

Specific to building the request URI:

Cisco DevNet: SSO

The first link that you have is what i'm using. However, when it launches the SSO window, I get the 400 error. I'm stuck in terms of trying to figure out the root cause of the issue. Could be a setting on the authentication service perhaps?

My guess would be that the redirect URI has not been configured on CUCM, and so is being rejected by the SSO kickoff request.  Can you confirm it is set under System/Enterprise Parameters/SSO Configuration/Redirect URIs for Third Party SSO Client:

(if there are two are more, then each should be comma-separated)

If it isn't, the URL here would need to be my app's redirect page right?

Correct