IBM Support

CRJZS0033E The Consumer Key is not Valid and the Consumer may not be Registered

Troubleshooting


Problem

This technote explains how to resolve the error "The consumer key is not valid and the consumer may not be registered."
This can occur in all the CLM applications but the below example is based on Rational Quality Manager.

Symptom

Attempts to restart Tomcat result in this error when using Rational Quality Manager:

hh:mm:ss,152 [http-9443-Processor22] ERROR com.ibm.team.lpa.http - CRJCA0043W There was an error executing an LPA request with host https://<server>:9443.                                            
>>> HEAD https://<server>:9443/jts/storage/com.ibm.team.lpa.... HTTP/1.1 com.ibm.team.jfs.app.oauth.OAuthInvalidConsumerKeyException: CRJZS0033E The consumer key is not valid and the consumer may not be registered.  The service provider is "https://<server>:9443". The consumer      
key is "123...a0b".  at                                                                
com.ibm.team.jfs.app.oauth.OAuthHelper.checkResponseForOAuthErrorsInternal(OAuthHelper.java:1293) at                                      
com.ibm.team.jfs.app.oauth.OAuthHelper.checkResponseForOAuthErrors(OAuthHelper.java:1277)

The Jazz Team Server and Quality Management logs do not have any errors. However, the admin log has the error.

Cause

The LPA application is sending an invalid consumer key to the Jazz Team Server. This can happen if you had problems during setup and tried to unregister and reregister LPA to troubleshoot.

Resolving The Problem

Check that the LPA knows the correct consumer key.

1. Go to the Jazz Team Server admin web interface.

2. Go to the Consumers (Inbound) page and find the consumer for LPA. It should be named "/admin", if you followed the standard setup. The URL is similar to:
https://<yourserver>:9443/jts/admin#action=com.ibm.team.repository.admin.configureOAuth

This URL brings you to the OAuthConsumers page in JTS Admin > Server Admin > Communication > Consumers (Inbound).

3. Note the consumer key.

4. Check the error message.
In this example, "The service provider is "https://<yourserver>:9443". The consumer key is "123...a0b"..."). LPA thinks it should start with "123" and end with "a0b".

Check your server/conf/admin/friends.rdf file for the XML element "jfs:oauthConsumerKey":

<jfs:oauthConsumerKey>....</jfs:oauthConsumerKey>


This element will have the starting and ending characters of the error.
 

5. Determine which key is the correct one. Do this by shutting down the server. In the "server" folder of your installation, run this command:

repotools-jts -listStorageAreaKeys
 

6. The command should output a list of pairs of storage area names followed by consumer keys, all separated by commas. Somewhere in the output, you can find several entries that start with "com.ibm.team.lpa". The consumer key after the entries should be the same for all entries. The consumer keys should match either the key you see in the Jazz Team Server Consumers page or the one you see in the friends.rdf file.
 

  1. If the storage area key matches the one in the Jazz Team Server Consumers page, then you should edit the friends.rdf file to replace the key value with the one from the Consumers page.

    The "secret" value is probably also wrong, but there is no way to know what the correct value is. Instead, copy the secret value from the friends.rdf file.

    Start the server, go to the Consumers page in /jts/admin. click on the pencil icon next to the consumer entry for LPA, and paste in the secret (twice) that you copied from the friends.rdf file.

    Click Finish.
     
  2. If the storage area key matches the one in the friends.rdf file:

    Start the server and go to the Consumers page. Delete the consumer entry for LPA, because you cannot change the key value.

    Create a new entry using the "Register consumer" form at the top of the page. However, instead of letting it generate a key, click the message "Click here to pick the consumer key instead". Click that message so that you can paste in the key from the friends.rdf file. Paste in the secret value and select the Trusted checkbox.

    After creating the consumer, edit it so that you can set the functional user id to "lpa_user".

 

Upon restart, the error should go away.
Have any users restart their browsers and clear out any cookies. This is to be sure you are not using cookies with old tokens in them.

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSPRJQ","label":"IBM Engineering Lifecycle Management Base"},"Component":"Jazz Team Server, JTS","Platform":[{"code":"PF033","label":"Windows"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]

Product Synonym

Rational Collaborative Lifecycle Management Solution

Document Information

Modified date:
28 April 2021

UID

swg21515099

Page Feedback