Page created: 24 Jul 2019 |
Page updated: 6 Nov 2019
The following are general guidelines for troubleshooting the Consent Service and any connection issues. When evaluating the configuration, make sure these issues are addressed first:
- Is the Consent Service enabled?
- Does the Consent Service base DN exist?
- Does the Consent Service's service account have the correct permissions?
- If the Consent Service should accept bearer tokens:
- Are one or more Access Token Validators correctly configured?
- Are the identity mappers for the Access Token Validators configured correctly?
- Are the authorization servers correctly configured to issue tokens that the Consent Service will accept? Check the audience, privileged-consent-scope, and unprivileged-consent-scope properties of the Consent Service configuration.
- If privileged users are defined, are the members of the LDAP group specified by the Consent Service configuration's privileged-users-group-dn property?
- If there are applications that allow individuals to manage their own consents, is the system properly configured to map actor and subject DNs? Check the Consent Service configuration's consent-record-identity-mapper property.