Symptoms
After IDP feature is re-enabled by Provider, when a certain user login to CCP the user is returned with error "Error 500 An Internal server error has occurred".
At the same time, this issue is not experienced by other users.
Example:
Cause
Sequence of actions as below could cause the behavior to occur:
Provider enabled IDP.
Provider/Reseller enabled 2FA feature.
A user successfully login and then was prompted to setup MFA but the user didn't or didn't manage to act on it and did not proceed further.
Provider disabled IDP.
Provider re-enabled IDP.
Resolution
1. Login to Keycloak Admin Console.
2. Search for the affected user based on which brand realm does the affected user belongs to.
3. In the affected user's Detail page, remove Configure OTP action from the Required User Action field.
Example:
An affected user belongs to brand realm id sr5.
Hence, in Keycloak Admin Console:
1. Click on sr5:
2. Under Manage click on Users:
3. In the Users > Lookup page, search for the affected user using the user's FULL username:
4. Click on the result to open up the affected User detail page.
5. Look for field Required User Actions. In it there should be an action called Configure OTP like below:
6. Remove the Configure OTP action by clicking on the 'x' symbol.