Hi Joshfr,
Can you check that your Subject Type = pairwise in the client, and your OAuth server settings also support pairwise for Subject Type?
Please see: ForgeRock Access Management 7.1.4 > Reference > Global Services Configuration
Subject Type
Specify the subject identifier type, which is a locally unique identifier that will be consumed by the client. Select one of two options:
- public. Provides the same
sub(subject) value to all clients. - pairwise. Provides a different
sub(subject) value to each client.
Based on the error message, appears there could be an issue with accessing the user’s profile. If the above settings are already in place, you may wish to raise a Support ticket for further investigation.
Please see:
I hope this information helps.
Cheers,
Sheila