TIB Provider not found error

Hi Team,

I am trying to use tyk identity broker with salesforce as the identity provider. I have setup a profile for salesforce using the api and made required changes in my profiles.json file. However I am getting a “Provider not found” error. Is this because I have missed some configuration or is it because tyk doesnot have configurations for salesforce as identity provider.

My profiles.json file is
[
{
“ActionType”: “GenerateOrLoginUserProfile”,
“ID”: “1”,
“IdentityHandlerConfig”: {“DashboardCredential”: “2486ee5c73864fc77be703802151d5c3”},
“MatchedPolicyID”: “5ba8ea4cac747b15411c46ec”,
“OrgID”: “5ba8e381ac747b15411c46ea”,
“ProviderConfig”: {
“CallbackBaseURL”: “http://f40729df.ngrok.io”,
“FailureRedirect”: “https://embeded-login.herokuapp.com”,
“UseProviders”: [{
“Key”: “",
“Name”: “salesforce”,
“Secret”: "
",
“DiscoverURL”: "
*****/.well-known/openid-configuration”
}]
},
“ProviderName”: “ProxyProvider”,
“ReturnURL”: “https://embeded-login.herokuapp.com”,
“Type”: “redirect”
}
]

tyk.conf file:
{
“listen_port”: 8080,
“node_secret”: “352d20ee67be67f6340b4c0605b044b7”,
“secret”: “352d20ee67be67f6340b4c0605b044b7”,
“template_path”: “/opt/tyk-gateway/templates”,
“use_db_app_configs”: true,
“db_app_conf_options”: {
“connection_string”: “”,
“node_is_segmented”: false,
“tags”:
},
“disable_dashboard_zeroconf”: false,
“app_path”: “/opt/tyk-gateway/apps”,
“middleware_path”: “/opt/tyk-gateway/middleware”,
“storage”: {
“type”: “redis”,
“host”: “localhost”,
“port”: 6379,
“username”: “”,
“password”: “”,
“database”: 0,
“optimisation_max_idle”: 2000,
“optimisation_max_active”: 4000
},
“enable_analytics”: true,
“analytics_config”: {
“type”: “”,
“ignored_ips”: ,
“enable_detailed_recording”: true,
“enable_geo_ip”: false,
“geo_ip_db_path”: “”,
“normalise_urls”: {
“enabled”: true,
“normalise_uuids”: true,
“normalise_numbers”: true,
“custom_patterns”:
}
},
“health_check”: {
“enable_health_checks”: false,
“health_check_value_timeouts”: 60
},
“optimisations_use_async_session_write”: true,
“allow_master_keys”: false,
“policies”: {
“policy_source”: “service”,
“policy_connection_string”: “”,
“policy_record_name”: “tyk_policies”,
“allow_explicit_policy_id”: true
},
“hash_keys”: true,
“suppress_redis_signal_reload”: false,
“use_redis_log”: true,
“close_connections”: false,
“enable_non_transactional_rate_limiter”: true,
“enable_sentinel_rate_limiter”: false,
“experimental_process_org_off_thread”: false,
“local_session_cache”: {
“disable_cached_session_state”: false
},
“http_server_options”: {
“enable_websockets”: true
},
“uptime_tests”: {
“disable”: false,
“config”: {
“enable_uptime_analytics”: true,
“failure_trigger_sample_size”: 2,
“time_wait”: 10,
“checker_pool_size”: 50
}
},
“hostname”: “”,
“enable_custom_domains”: true,
“enable_jsvm”: true,
“oauth_redirect_uri_separator”: “;”,
“coprocess_options”: {
“enable_coprocess”: false,
“coprocess_grpc_server”: “”
},
“pid_file_location”: “./tyk-gateway.pid”,
“allow_insecure_configs”: true,
“public_key_path”: “”,
“close_idle_connections”: false,
“allow_remote_config”: false,
“enable_bundle_downloader”: true,
“bundle_base_url”: “”,
“global_session_lifetime”: 100,
“force_global_session_lifetime”: false,
“max_idle_connections_per_host”: 500
}

Any help will be greatly appreciated.
Thanks
Sunayana

Hi

TIB does not currently support saleforce as a provider, however Tyk Identity Broker is an open source project so you can either fork it or make the change you need to get it working and submit a pull request.

You can see the list of supported providers in the code here:

Thanks
Josh

I checked and salesforce is a possibly provider you can add.

Thanks

Hi Josh,

thankyou so much, I will try and get back.

Thanks
Sunayana

1 Like

Hi
Please change the name to from “salesforce” to “openid-connect”. We support ANY provider that follow the OIDC standards (with /authorize and /token calls).

This is the line in the code:

Thanks
Yaara

Hi Yerra, thanks. I have a followup question. For the MatchedPolicyId I am crreating an API and a policy. Do I need to create an OpenID Api and a matched policy?

Hi Team,

i was able to solve the “Provider not found” issue by changing the provider name to “openid-connect” and I am successfully being redirected to the salesforce login page. However, the callback is failing. I am getting this error “The requested URL /auth/2/openid-connect/callback” was not found on this server. Can anyone help with this?

PS: I am running tib in a virtual box and using ngrok to redirect 80 to localhost:3010. I am not sure if this information is useful, just in case.

Thanks,
Sunayana

That error is not coming from Tyk from what i can tell. Where do you see it?

Hi Josh,

I am getting this error when I login to the salesforce login screen after the authentication starts. On the address bar I see the authorization code from salesforce. The callback to exchange the token for the code is not happening. I am following the tutorial for setting up SSO with okta.

Hi Josh,

i figured out that this error was due to my bad, I forwarded the ngrok to 80 instead of 3010 due to which the callback was not happening.

Thanks
Sunayana

Thank for your help bro, for more visit the leading Salesforce development company in USA for more details