• SystemLink returns a large number of claims.
• SystemLink returns claims with values that exceed the capacity of the OpenID Connect shared memory cache.

1. As an administrator, open C:\Program Files\National Instruments\Shared\Web Server\conf\defines.d\, and open 50_mod_auth_openidc-defines.conf.
2. Configure Define AUTH_OIDC_CACHE_ENTRY_SIZE to a number larger than the required size of the cache entry specified in the error log.

oidc_cache_shm_set: could not store value since value size is too large
oidc_cache_set: could NOT store X bytes in shm cache backend for key Y

• The provider is using an asymmetric encryption algorithm for ID token management. Also, the private keys are missing or incorrect.
• The provider is using an unsupported encryption algorithm for ID token management.

• Confirm that the provider uses supported encryption and signing algorithms. For more information, refer to Supported Signing and Encryption Algorithms and the documentation for your provider.
• If the provider is using asymmetric ID token management encryption, confirm the configuration of the following:
  • The private key in the provider-issuer-uri.conf file.
  • The public key that corresponds to the private key in the provider.

For information on configuring the private key, refer to Configuring SystemLink to Connect to Your OpenID Connect Provider.

For information on configuring the public key, refer to the documentation for your provider.

For information on configuring the encryption algorithm for ID token management refer to the documentation for your provider.

oidc_proto_parse_idtoken: oidc_jwt_parse failed