IBM Verify

  • 1.  IVIG OIDC Configuration

    Posted 22 days ago
    Hello,

    I have configured OIDC for the UI (Service Center) and Admin Console by following the steps provided in the documentation.

    However, when I try to access both URLs (below), I now receive a "404 page not found" message instead of being redirected to my OIDC provider, as I'm not authenticated.

    Am I missing something?

    Thanks.




    ------------------------------
    Rudy Santos
    ------------------------------


  • 2.  RE: IVIG OIDC Configuration

    Posted 22 days ago

    I am sorry that I do not know what is missing - OIDC is not something I play with very often in my home lab.

    So my suggestion is that you get a case out of the door - I know that the documentation is getting a brush-up - and this might have been fixed for the IVIG FP1 release that is coming RSN.

    Good luck :-) 



    ------------------------------
    Franz Wolfhagen
    WW IAM Solution Architect - Certified Consulting IT Specialist
    IBM Expert Labs
    ------------------------------



  • 3.  RE: IVIG OIDC Configuration

    Posted 20 days ago
    Edited by Rudy Santos 20 days ago

    Hey Franz,

    I had a few setbacks while configuring OIDC:
    1) Incorrect URLs. These are the correct ones that start OIDC: "/itim/ui" for the end user and "/itim/console" to manage IVIG.
    2) I don't know why, but when I restarted the container using the provided command kubectl -n isvgim rollout restart statefulset isvgim, the MQ pod went into a locked state. I started using kubectl delete pod isvgim-0 instead, since the configuration is only for the IVIG pod.
    3) I configured the provider using the RS256 signature instead of HS256, which caused Liberty to complain that the keys weren't in the truststore.

    After that, the RP (IVIG) redirected to the OIDC OP.

    Another interesting point: the trustAliasName parameter isn't useful, because every time you configure ISVG, the isvgimTruststore.jks file is recreated and all aliases are generated dynamically.

    Something is still missing, preventing the logged-in user from seeing their profile and showing the message: "You do not have the necessary permissions to view the form."

    Tks.



    ------------------------------
    Rudy Santos
    ------------------------------
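Point 3 in the post above (the OP signing ID tokens with RS256 while the RP had no trusted copy of the OP's key) is the kind of mismatch that is easiest to diagnose by reading the token header and comparing it with the OP's discovery metadata and JWKS. The following is an added example written for this thread, not code from IBM or from the poster; the discovery document, JWKS and tokens are constructed inline (issuer `https://op.example.test`, key id `op-signing-key-1`) and the signature segment is a dummy, since only the header is inspected. The check generalizes beyond the thread: it also flags an unsigned token and explains why an HS256 token needs no truststore entry at all.

```python
import base64
import json
from typing import List, Optional

# Constructed sample OP discovery metadata (not a real provider): only the
# fields relevant to the signing-algorithm question are included.
SAMPLE_DISCOVERY = {
    "issuer": "https://op.example.test",
    "id_token_signing_alg_values_supported": ["RS256"],
}

# Constructed sample JWKS: the RP must trust the key whose kid the OP uses.
SAMPLE_JWKS = {
    "keys": [
        {"kty": "RSA", "kid": "op-signing-key-1", "alg": "RS256", "use": "sig"},
    ]
}


def _b64url_decode(segment: str) -> bytes:
    """Decode a base64url segment, restoring the padding that JWTs strip."""
    segment += "=" * (-len(segment) % 4)
    return base64.urlsafe_b64decode(segment)


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def make_sample_token(alg: str, kid: Optional[str]) -> str:
    """Build a constructed JWT with a dummy signature; only its header is read here."""
    header = {"alg": alg, "typ": "JWT"}
    if kid is not None:
        header["kid"] = kid
    payload = {"iss": SAMPLE_DISCOVERY["issuer"], "sub": "user1"}
    return ".".join([
        _b64url_encode(json.dumps(header).encode()),
        _b64url_encode(json.dumps(payload).encode()),
        _b64url_encode(b"not-a-real-signature"),
    ])


def jwt_header(token: str) -> dict:
    """Return the decoded JOSE header of a compact JWS (no verification)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected a compact JWS with three segments")
    return json.loads(_b64url_decode(parts[0]))


def diagnose_id_token(token: str, discovery: dict, jwks: dict) -> List[str]:
    """Explain why an RP such as Liberty might reject this ID token."""
    findings = []
    header = jwt_header(token)
    alg = header.get("alg")
    kid = header.get("kid")
    supported = discovery.get("id_token_signing_alg_values_supported", [])

    if alg not in supported:
        findings.append(f"alg {alg!r} is not advertised by the OP (supported: {supported})")
    if alg == "none":
        findings.append("unsigned token: the RP must reject it")
    elif alg and alg.startswith("HS"):
        # HMAC: verified with the shared client secret, so no OP key to trust.
        findings.append("HMAC-signed token: verified with the client secret, no truststore entry needed")
    elif alg and alg.startswith(("RS", "PS", "ES")):
        # Asymmetric: the RP needs the OP's public key, selected by kid.
        kids = [k.get("kid") for k in jwks.get("keys", [])]
        if kid is None:
            findings.append("asymmetric signature without kid: the RP cannot pick the OP key")
        elif kid not in kids:
            findings.append(f"kid {kid!r} not in the OP JWKS: the RP will report the signing key as untrusted")
        else:
            findings.append(f"kid {kid!r} found in JWKS: the RP must trust this key (JWKS URL or truststore)")
    return findings


if __name__ == "__main__":
    for alg, kid in [("RS256", "op-signing-key-1"), ("RS256", "rotated-kid"), ("HS256", None)]:
        print(alg, kid, "->", diagnose_id_token(make_sample_token(alg, kid), SAMPLE_DISCOVERY, SAMPLE_JWKS))
```

Against a real deployment you would feed `diagnose_id_token` the ID token captured from the RP's trace, the OP's `/.well-known/openid-configuration` document and its `jwks_uri` content. When the finding is "found in JWKS", the remaining question is whether the RP actually trusts that key; given the poster's note that the truststore is regenerated on every configuration run, pointing the RP at the JWKS URL is the more durable option than a manually imported alias.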