Login to a custom setup SOLID server via an app

I am trying to login into a POD setup in a Community Solid Server via a mobile app. The OIDC flow implementation inside the mobile app works without an issue (the app can login into a POD in https://solidcommunity.net/ without any errors). However when I try to login to the server we setup it gives me the following server-side error.

Error verifying WebID via DPoP-bound access token: The access token issuer doesn’t match its associated WebID’s trusted OIDC issuers.
Actual:
Expected: https://solidpodt.net.au/

Not sure exactly why the actual issuer url comes as empty? Any hints on solving this issue will be of great help.

CSS is looking for solid:oidcIssuer in your profile. This is a pending specification.

Thanks @bourgeoa. but I am still getting the following error in my mobile app. After adding solid:oidcIssuer the server error is now gone.

401 {"error":"invalid_client","error_description":"client authentication failed"}

Any idea what’s causing this?

`invalid client’ did you try with and without / at the end.

CSS uses node-oidc-provider, which does a large number of checks.

CSS’s reporting of OIDC errors could be developed further (I’ve just added a feature request, IDP error reporting from oidc-provider · Issue #1061 · solid/community-server · GitHub) but I’ve found it useful to debug on the server for this kind of error.

@bourgeoa yes, tried both. Still getting the same error. And no errors are shown on the server-side logs

Finally managed to get around this. It was an issue with the client_secret.

Can you give some more detail why it worked with NSS an not with CSS.

Hi @bourgeoa, the issue was with the client_secret. I wasn’t using it correctly in the authorization token. I couldn’t recognised it before because the token is encoded using base64 encoding.