Business Analytics Connect, learn and share with over 10000 users across the IBM Business Analytics. Ask a question
https://ibm-casupport-dev.onelogin.com/oidc/.well-known/openid-configuration9. Create a new user and fill in the details10. Click "SAVE" and then "Applications"11. Click on the "Default" policy and then "SAVE"12. Click on "MORE ACTIONS" and select "Change Password"13. Provide a temporary password and then force the user to change it:14. Confirm the user is added to the application being provisionedAt this point moving over to Cognos Analyics, created a new Generic Namespace for OpenID with the following entries:15. Import the CA Root Certificate by downloading it16. Run the following command line from the CA installation:..\bin>ThirdPartyCertificateTool.bat -i -T -r COMODORSACertificationAuthority.crt -p NoPassWordSet17. Re-open Cognos Configuration and startThen log inTroubleshootIf login fails with 'AAA-OIDC-0009 The provided credentials are invalid", this could mean the user doesnt have access to the application (OneLogin):Check the users application section which here shows its not listed or granted:Click on Roles / Default and then "SAVE USER" button. Go back to that section to confirm the application is listed:Additional Information:
In 11.1.4+ there are 4 new advanced configuration items:nameauthorizeEPAddParms (authorize redirect)pgTokenEPAddParms (on password grant flow to the token endpoint)rtTokenEPAddParms (on refresh token flow to the token endpoint)codeTokenEPAddParms (on authorization code flow to the token endpoint)This allows you to control exactly what addition parameters are added and specifically to which endpoints. Given the "resource" parameter could be represented using the new advanced configuration items, the value let's you put whatever you want in the URL... as a consequence, the value must include the &, the parameter name, and the parameter value which MUST be url encode e.g.name valueauthorizeEPAddParms &resource=HTTPS%3A%2F%2FADFS_SERVER