Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Woohoo! Qlik Community has won “Best in Class Community” in the 2024 Khoros Kudos awards!
Announcements
Nov. 20th, Qlik Insider - Lakehouses: Driving the Future of Data & AI - PICK A SESSION

Qlik Sense OIDC authentication returns Proxy.SessionEstablishment.Authentication.OIDC.OidcAttributeParserException' was thrown

No ratings
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Alexis_Touet
Former Employee
Former Employee

Qlik Sense OIDC authentication returns Proxy.SessionEstablishment.Authentication.OIDC.OidcAttributeParserException' was thrown

Last Update:

Mar 9, 2022 3:58:07 AM

Updated By:

Sonja_Bauernfeind

Created date:

Nov 12, 2021 9:55:37 AM

When trying to connect to a Qlik Sense Enterprise on Windows virtual proxy configured with OIDC authentication, you are receiving an error 400 (bad request).

 

Alexis_Touet_0-1636727143610.png

 

When checking Qlik audit proxy log in %ProgramData%\Qlik\Sense\Log\Proxy\Trace, you can see the following warning:

 

22436 20211110T171644.102+0200 WARN QlikServer1 Audit.Proxy.Proxy.SessionEstablishment.Authentication.OIDC.OidcAuthenticationHandler 88 5966b8de-8895-404f-a2b9-822fab03b46b DOMAIN\qvservice Proxy.SessionEstablishment.Authentication.OIDC.OidcAttributeParserException: Exception of type 'Proxy.SessionEstablishment.Authentication.OIDC.OidcAttributeParserException' was thrown.↵↓ at Proxy.SessionEstablishment.Authentication.OIDC.OidcAttributeParser.ParseMultiValueClaim(JwtPayload jwtPayload, String claimsAttrib, Boolean isMandatory)↵↓ at Proxy.SessionEstablishment.Authentication.OIDC.OidcAuthenticationHandler.AddOidcAttributeMapItemsToUserSessionAttribute(IList`1 userAttributes, List`1 oidcAttributeMapItems, JwtPayload jwtPayload, IConnectionData connData)↵↓ at Proxy.SessionEstablishment.Authentication.OIDC.OidcAuthenticationHandler.AddClaimsToUserSessionAttribute(IList`1 userAttributes, JwtPayload jwtPayload, IConnectionData connData, VirtualProxyConfig vpConfig)↵↓ at Proxy.SessionEstablishment.Authentication.OIDC.OidcAuthenticationHandler.<GetAuthenticatedUser>d__11.MoveNext()

 

 

 

Environment

Qlik Sense Enterprise on Windows 

 

Resolution

Use the following article to manually generate an OIDC token and check what attributes are being returned. 

Make sure the mandatory attributes are present on your Virtual Proxy and adjust your settings if needed. 


Alexis_Touet_1-1636728628211.png

 

Cause

You are missing OIDC mapping attributes  that have been  marked as "mandatory" in the QMC Virtual proxy OIDC attribute mapping settings

Related Content

Qlik Sense: How to request an OIDC token manually and check if correct attributes are included (Powe...

Qlik Sense Enterprise on Windows
Thumbnail of Qlik Sense Enterprise on Windows
Qlik Sense Enterprise on Windows
Tags (1)
Labels (1)
1,893 Views
Was this article helpful? Yes No
Version history
Last update:
‎2022-03-09 03:58 AM
Updated by:
Digital Support