Re: SSPR 5015 Error with Access Manager OAuth Integration for SSO
The issue is resolved.
I was using the dafault OAuth Scope 'profile' which have LDAP:cn attribute in place which is as specified in the documentation. However after under a lot of test and even with a SR Support, nothing seems wrong.
However with deeper investigating the 'Profile' Attribute Set, it was found that it was mapping as 'nickname' remote attribute. This sounded a bit strange to me.
Hence I create a new 'SSPR' Attribute Set with LDAP:cn local attribute and mapping of 'cn' remote attribute. Create a new OAuth Scope 'sspr' and Update Identity Server. Modify SSPR to use the sspr scope and apply configuration.
Test SSPR Login, and this time I can successfully login to SSPR via NAM.
Then doing further test by modify SSPR to use the default NAM scope 'profile' and this time use 'nickname' as the Login Attribute. Apply and test. No error.
So this is where the Documentation is not clear I presumed.