This section provides information on troubleshooting-related activities for the SAP Authorization and Trust Management service in the Cloud Foundry environment.
We also recommend that you regularly check the SAP Notes and Knowledge Base for component
BC-CP-CF-SEC-IAMin the SAP Support Portal. These contain information about program corrections and provide additional information.To help you troubleshoot your issue, we also recommend increasing the log verbosity of your application and application router. We provide a script to help you. If for some reason you can't use this script, increase the log verbosity manually, see related link.
To troubleshoot problems with tokens from SAP Cloud Identity Services, see Logging OpenID Connect Tokens in the documentation for SAP Cloud Identity Services.
Our troubleshooting information can be found in Troubleshooting for the SAP Authorization and Trust Management service in the Cloud Foundry environment. Check the individual troubleshooting topics for your error message. If you can't find your problem, create an incident in the component BC-CP-CF-SEC-IAM. For more information, see the related link.
-
AuthnRequest expired - ID: <RequestId> Destination: <IdPDestination>
-
InResponseToField of Response doesn‘t correspond to the sent message
-
Response issue time is either too old or with date in the future. Sync IdP to match skew <skew>
-
Cockpit displays HTTP status 500 error on logon with custom IdP user
Related Information
Enable and Provide Application Logs
Auditing and Logging Information for SAP Authorization and Trust Management Service