IBM Verify

IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

error enabling the secret token validation

  • 1.  error enabling the secret token validation

    Posted Wed April 01, 2020 09:57 AM
    Hi good day

    I enabled secret token validation, but when I try to log out of sam it shows this error

    Method: GET

    URL: /pkmslogout

    Error Code: 0x38983423

    Error Text: DPWAD1059E The validation of the secret token for the request failed.



    i hope you can help me

    ------------------------------
    CARY GAITAN
    ------------------------------


  • 2.  RE: error enabling the secret token validation

    Posted Thu February 11, 2021 12:55 PM
    Edited by Gianluca Mamone Thu February 11, 2021 12:55 PM
    Hi Cary,
    I'm having a look at Secret Token Validation page:

    When secret token validation is enabled, WebSEAL adds a token to each session and validates the "token" query argument for these account management requests. For example, the request to /pkmslogout changes to pkmslogout?token=<value>, where <value> is the unique session token.

    Note: This setting modifies the URLs for these WebSEAL management pages. Each of the affected management requests must contain a "token" argument with the current session token. For example, /pkmslogout?token=a861582a-c445-4462-94c9-b1074e135b9f.

    If secret token validation is enabled and the token argument is missing from the request or does not match the real session token, WebSEAL returns a "400 Bad Request" error page.


    Could this be helpful for you?

    Regards

    ------------------------------
    Gianluca Mamone
    Cybertech
    Rome
    ------------------------------

    Original Message


Related Content