This section provides general guidelines for troubleshooting the Consent Service and any connection issues.
When evaluating the configuration:
- Make sure that the Consent Service is enabled.
- Make sure that the Consent Service base distinguished name (DN) exists.
- Make sure that the Consent Service's service account has the correct permissions.
- If the Consent Service should accept bearer tokens, make sure that:
- One or more
access tokenvalidators are configured correctly. access token A data object by which a client authenticates to a resource server and lays claim to authorizations for accessing particular resources.
- The identity mappers for the access token validators are configured correctly.
- The authorization servers are configured correctly to issue tokens that the
Consent Service can accept. Check the
unprivileged-consent-scopeproperties of the Consent Service configuration.
- One or more
- If privileged users are defined, make sure that the members of the
LDAPgroup are specified by the Consent Service configuration's LDAP (Lightweight Directory Access Protocol) An open, cross platform protocol used for interacting with directory services.
- If there are applications that allow individuals to manage their own consents, make
sure that the system is properly configured to map
subjectDNs. Check the Consent Service configuration's