Citrix Access Gateway OAUTH IDP: Getting ” Failed to login the user due to insufficient claims. Please contact your administrator”

Customer has configured Citrix Access Gateway as OAuth IDP with Workspace in Cloud and after user authentication is completed, users were getting the error as shownbelow

” Failed to login the user due to insufficient claims. Please contact your administrator”

The Attributes sent by Citrix Access Gateway (OAuth IDP) can be seen in /var/log/ns.log.

In the below log snippet, you could see that the Attributes such as ( Name, UPN, CIP and SID, etc ) sent by Citrix Access GAteway (OAuth IDP) are BLANK.

ns.log:

=======


Nov 6 13:55:09 <local0.info> XX.XX.XX.XX 06/11/2019:12:55:09 0-PPE-0 : default AAATM Message 3795 0 : “OAUTHIDP: CC IDTOKEN: user: <test@example.com>’s claims are: sub:, name:, upn:, email:, ctx_auth_alias:, cip_domain:, cip_forest: sid:, oid:, amr:[“otp”], nonce:637085983001757588.Mjg2NWQ2YWMtZDI5OC00ZjQ4LTk0NDQtNTJlM2I1ZmVlNjBlOGQ0NzQ0OWUtNjZlMi00NjI0LWIzMWQtNTNjYzMzY2VkYzk0, familyname:, givename:, domain: , groups len 0

Related:

  • No Related Posts

Leave a Reply