Blue Prism 7.3 not authenticating with authentication server

kevin.barker · 4 weeks ago

the interactive client is not syncing with Authentication server and the following error is seen on the Blue Prism Application event log

BluePrism.AutomateAppCore.clsServerPartialClasses.AuthenticationServer.AuthenticationServerHttpRequester
Error getting Authentication Server users
System.ArgumentNullException: Value cannot be null.
Parameter name: mPreviousAccessToken
at BluePrism.AutomateAppCore.clsServerPartialClasses.AuthenticationServer.AuthenticationServerHttpRequester.VB$StateMachine_18_GetAccessToken.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at BluePrism.AutomateAppCore.clsServerPartialClasses.AuthenticationServer.AuthenticationServerHttpRequester.VB$StateMachine_17_MakeAuthenticatedRequest.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at BluePrism.AutomateAppCore.clsServerPartialClasses.AuthenticationServer.AuthenticationServerHttpRequester.VB$StateMachine_16_GetFilteredAuthenticationServerUsers.MoveNext()

and:

BluePrism.AutomateAppCore.clsServerPartialClasses.AuthenticationServer.AuthenticationServerHttpRequester
Could not get authentication token for Authentication Server
System.ArgumentNullException: Value cannot be null.
Parameter name: mPreviousAccessToken
at BluePrism.AutomateAppCore.clsServerPartialClasses.

and:

BluePrism.AutomateAppCore.clsServerPartialClasses.AuthenticationServer.AccessTokenRequester
invalid_client

kevin.barker · 3 weeks ago

I found the option to save the keys locally. to resolve the issue I created a new Service account, Updated the BP Server configuration and copied the automate v3 config and bpk to the hub server

View answer in original post

david.l.morris · 3 weeks ago

This Support Article says some things that sound similar: BPE error "unable to retrieve Authentication Server users" when adding users to a User Role :

The suggested resolution depends on the scenario and that article has multiple scenarios. Otherwise I'd copy/paste the simple resolution here if there was just one.

Dave Morris, 3Ci at Southern Company

kevin.barker · 3 weeks ago

Hub and API are installed on a separate server to BPE and I'm thinking that a step that I was unable to complete was with the BPK file when copying the Automate v3 config file to the Hub server, I am unsure where or how to find the PPK file on the BPE server

taylor_brooks · 3 weeks ago

That invalid_client line usually points to the auth server client config, not the user sync itself.

If Hub/API is on a different server from BPE, I would check the Automate v3 client registration first and make sure the same key pair is being used on both sides. In practice that usually means re-exporting the PPK/BPK from the BPE side, reapplying it on the Hub/API server, then confirming the client details in the copied Automate.config still match what the Authentication Server expects.

After that I would restart the relevant Blue Prism services or app pool and test again. If it still throws mPreviousAccessToken null, I would compare the client id, redirect/config values, and cert or key thumbprint between BPE and Hub because one mismatch there can produce exactly this error.

kevin.barker · 3 weeks ago

Are there any instructions for exporting the PPK/BPK?

kevin.barker · 3 weeks ago

I found the option to save the keys locally. to resolve the issue I created a new Service account, Updated the BP Server configuration and copied the automate v3 config and bpk to the hub server

SS&C Blue Prism Community

Blue Prism 7.3 not authenticating with authentication server