Invalid request: Invalid Request:

LeafarM
New Contributor III

I still have problems with Jamf Connect 2.6.0 and the message "Invalid Request:" when

<key>OIDCNewPassword</key>
    <false/>

As soon as I change it to true, it works correctly.

What am I doing wrong? Here is my plist:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>OIDCDefaultLocal</key>
    <false/>
    <key>OIDCNewPassword</key>
    <false/>
    <key>OIDCUsePassthroughAuth</key>
    <true/>
    <key>OIDCProvider</key>
    <string>Azure</string>
    <key>OIDCClientID</key>
    <string>XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX</string>
    <key>OIDCROPGID</key>
    <string>XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX</string>
    <key>OIDCRedirectURI</key>
    <string>https://0.0.0.0/jamfconnect</string>
    <key>OIDCAdmin</key>
    <string/>
    <key>OIDCAdminAttribute</key>
    <string>roles</string>
    <key>OIDCClientSecret</key>
    <string>XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX</string>
    <key>OIDCIgnoreAdmin</key>
    <false/>
    <key>OIDCTenant</key>
    <string>XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX</string>
    <key>OIDCDiscoveryURL</key>
    <string/>
    <key>OIDCIgnoreCookies</key>
    <false/>
    <key>AuthServer</key>
    <string/>
    <key>OIDCAuthServer</key>
    <string/>
    <key>OIDCAccessClientID</key>
    <string/>
    <key>OIDCAdminClientID</key>
    <string/>
    <key>OIDCSecondaryLoginClientID</key>
    <string/>
    <key>OIDCScopes</key>
    <string/>
    <key>OIDCShortName</key>
    <string/>
    <key>OIDCROPGShortName</key>
    <string/>
    <key>OIDCIDTokenPath</key>
    <string/>
    <key>OIDCIDTokenPathRaw</key>
    <string/>
    <key>CreateJamfConnectPassword</key>
    <true/>
    <key>LocalFallback</key>
    <true/>
    <key>MessageOTPEntry</key>
    <string/>
    <key>CreateAdminUser</key>
    <false/>
    <key>DemobilizeUsers</key>
    <false/>
    <key>DenyLocal</key>
    <true/>
    <key>DenyLocalExcluded</key>
    <array/>
    <key>LicenseFile</key>
    <string/>
    <key>LAPSUser</key>
    <string/>
    <key>LDAPOverSSL</key>
    <false/>
    <key>Migrate</key>
    <false/>
    <key>MigrateUsersHide</key>
    <array/>
    <key>RightsTmpCache</key>
    <false/>
    <key>UIDTool</key>
    <string/>
    <key>BackgroundImage</key>
    <string/>
    <key>LoginLogo</key>
    <string/>
    <key>LoginWindowMessage</key>
    <string/>
    <key>AllowNetworkSelection</key>
    <true/>
    <key>HelpURL</key>
    <string/>
    <key>HelpURLLogo</key>
    <string/>
    <key>LocalHelpFile</key>
    <string/>
    <key>EULAFilePath</key>
    <string/>
    <key>EULAPath</key>
    <string/>
    <key>EULAText</key>
    <string/>
    <key>EULATitle</key>
    <string/>
    <key>EULASubTitle</key>
    <string/>
    <key>EnableFDE</key>
    <false/>
    <key>EnableFDERecoveryKey</key>
    <false/>
    <key>EnableFDERecoveryKeyPath</key>
    <string/>
    <key>AuthUIOIDCProvider</key>
    <string/>
    <key>AuthUIOIDCClientID</key>
    <string/>
    <key>AuthUIOIDCRedirectURI</key>
    <string/>
    <key>AuthUIOIDCTenant</key>
    <string/>
    <key>AuthUIOIDCClientSecret</key>
    <string/>
    <key>AuthUIOIDCDiscoveryURL</key>
    <string/>
    <key>ScriptArgs</key>
    <string/>
    <key>ScriptPath</key>
    <string/>
    <key>ROPGProvider</key>
    <string>Azure_v2</string>
    <key>ROPGTenant</key>
    <string>XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX</string>
    <key>ROPGDiscoveryURL</key>
    <string/>
    <key>ROPGRedirectURI</key>
    <string>https://127.0.0.1/jamfconnect</string>
    <key>ROPGClientSecret</key>
    <string>XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX</string>
    <key>ROPGSuccessCodes</key>
    <array/>
    <key>MFAExcluded</key>
    <array/>
    <key>MFARename</key>
    <dict>
      <key>call</key>
      <string/>
      <key>email</key>
      <string/>
      <key>push</key>
      <string/>
      <key>question</key>
      <string/>
      <key>sms</key>
      <string/>
      <key>hardwareToken</key>
      <string/>
      <key>hotpToken</key>
      <string/>
      <key>okta:token:software:totp</key>
      <string/>
      <key>google:token:software:totp</key>
      <string/>
      <key>token</key>
      <string/>
      <key>u2f</key>
      <string/>
      <key>web</key>
      <string/>
      <key>webauthn</key>
      <string/>
    </dict>
  </dict>
</plist>

Thankful for every hint.

1 ACCEPTED SOLUTION

LeafarM
New Contributor III

I'm not sure what I have changed, but now it seems to work.

 


3 REPLIES 3

YanW
Contributor III

Mine is similar except for the OIDCRedirectURI part.

<key>OIDCRedirectURI</key>
    <string>https://127.0.0.1/jamfconnect</string>

 

LeafarM
New Contributor III

Thank you, but no luck.

LeafarM
New Contributor III

I'm not sure what I have changed, but now it seems to work.