OIDC service errors

You may receive an error when using the Console App or Deployment App. This topic lists the most common OpenID Connect errors and how you can resolve them.

Table 1. Errors using GIP Console App or Deployment App
Error type	OIDC log message	Resolution
Configuration parameter errors	`ERROR : pid - [Discovery] "GetOpenIDConfiguration" ERROR :-15553`	OpenID configuration errors arise when the OpenID service: Does not exist at the IDP endpoint provided. Check the URL registered by the StarterApp in the idp.xml file or check the URL in the IdP metadata at the following URL: `https://host:port[/gas]/ws/r/services/GeneroIdentityProvider/.well-known/openid-configuration` Your request has invalid or missing parameters. If you are using HTTPS, see HTTPS errors.
Metadata error	`SQLERR : pid - [IdPManager] "GetIdPIdFromEntityID" could not retrieve metadata`	(See above)
Provider error	`ERROR : pid - [SPManager] "StartAuthentication" Issuer is missing`	(See above)
Permissions error	`Program error at 'RelayState.4gl', line number 95.SQL statement error number -6372 (-8).attempt to write a readonly database`	This error occurs when the program cannot write to the OIDC database. Grant the user account under which the Console App/Deployment App runs write permission on the directory containing oidc.db: $FGLDIR/web_utilities/services/openid-connect
License error	`Program error at 'Server.4gl', line number 77.FORMS statement error number -6016. Cannot get information for license (Error 00K000). Check your environment and the license (run 'fglWrt/greWrt/grxWrt -a info')`	Check your GAS environment, and run `fglWrt/greWrt -a info` to ensure your license is valid.