Hi all,

I'm evaluating TD15.1.2. Until a couple of days ago, there were no issues, and it was working properly.

However, it is not possible to download a published deliverable from the repository with Organize Space now. When I tried to download the file, it said, "Couldn't download - Needs authentication."

The published file can be downloaded with Publication Manager. I looked into the Trisoft.InfoShare.WebApi_xxx file and found the following error:

02:18:33.8549 Info (PID 1324:10) 00-57d4643db2853ce50683318b8d6a5251-de43ed2a85c9f485-00 a:AuthenticationTypes.Federation:CloudGateUNO:naoki.hirai /ISHWS/Api/v0/Publications/ByLanguageCardId/2982351/Form?formId=Properties_Update_ISHPublicationOutput&clientName=WebClients&clientName=OrganizeSpace Microsoft.AspNetCore.Hosting.HostingApplicationDiagnostics.LogRequestFinished Request finished HTTP/2 GET sdlcm2-uat.intra.kbt-global.com/.../Form - 200 - application/json;+charset=utf-8 101.3074ms []
02:18:38.2306 Info (PID 1324:10) 00-004f94f67508548411b4cb7b5cb3eab7-7b7d8e389970846b-00 na:: /ISHWS/Api/v0/Publications/ByLanguageCardId/2982351/Content?t=1753496318203 Microsoft.AspNetCore.Hosting.HostingApplicationDiagnostics.LogRequestStarting Request starting HTTP/2 GET sdlcm2-uat.intra.kbt-global.com/.../Content - - - []
02:18:38.2306 Error (PID 1324:10) 00-004f94f67508548411b4cb7b5cb3eab7-7b7d8e389970846b-00 na:: /ISHWS/Api/v0/Publications/ByLanguageCardId/2982351/Content?t=1753496318203 Trisoft.Identity.Web.Policy.EnabledInfoShareUserAuthorizationHandler.HandleRequirementAsync The user '(null)' is not a valid InfoShare user. []
Trisoft.Utilities.Common.Exceptions.RequiredParameterNotFoundException: The required parameter "externalId" was not found. The external identifier cannot be derived from the identity. The claims 'schemas.xmlsoap.org/.../name' and 'schemas.xmlsoap.org/.../nameidentifier' are missing.
at Trisoft.InfoShare.Core.Identity.Services.UserContextAuthenticationService.AuthenticateExternal(String applicationName, String externalId, IEnumerable`1 externalClaims, String authenticationType)
at Trisoft.InfoShare.Core.Identity.Services.UserContextAuthenticationService.AuthenticateFromPrincipal(ClaimsPrincipal principal)
at Trisoft.InfoShare.Core.Identity.Services.UserContextClaimsConverterService.ConvertFromClaims(ClaimsPrincipal principal)
at Trisoft.Identity.Web.Policy.EnabledInfoShareUserAuthorizationHandler.HandleRequirementAsync(AuthorizationHandlerContext context, EnabledInfoShareUserAuthorizationRequirement requirement)
AsyncMethodBuilderCore.Start => <HandleAsync>d__0.MoveNext => EnabledInfoShareUserAuthorizationHandler.HandleRequirementAsync
02:18:38.2439 Info (PID 1324:10) 00-004f94f67508548411b4cb7b5cb3eab7-7b7d8e389970846b-00 na:: /ISHWS/Api/v0/Publications/ByLanguageCardId/2982351/Content?t=1753496318203 Microsoft.AspNetCore.Hosting.HostingApplicationDiagnostics.LogRequestFinished Request finished HTTP/2 GET sdlcm2-uat.intra.kbt-global.com/.../Content - 401 - - 13.3304ms []

It seems that an externalId claim is not being transferred from the IdP. Therefore, I captured the network log using a development tool in a web browser. The captured data is as follows, and there isn't an externalId claim:

Since I have to change user properties for many users to enable them to log in with an external IdP, which is CloudGate UNO, I created a PowerShell script similar to this:

foreach ($user in $FilteredUserList) {
$user = Set-IshMetadataField -IshSession $ishSession -IshObject $user -Name FISHUSERTYPE -Value "External"
$user = Set-IshMetadataField -IshSession $ishSession -IshObject $user -Name FISHEXTERNALID -Value ("CloudGateUNO:" + $user.USERNAME)
$user = Set-IshUser -IshSession $ishSession -IshObject $user
}

Based on what I see in the Settings / Users of Organize Space, the External IDs are set to the correct values. But, I'm concerned that this PowerShell script may have caused the issue.

Thank you in advance for your help.

Kind regards,
Naoki