Hi OB and Nationwide,
This morning we've been encountering an error with the Token endpoint.
We've been receiving the following response:
Date: Tue, 05 Nov 2019 08:17:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: TS017d9441=0173a37655435f21cc3e6a7ae5e09b6b0947c35e11a42d1cb2d6921d31c00b537a8b42dfb41b864c9c53eaa7482f5f54354db1d9a7; Path=/; Domain=.api.nationwide.co.uk
"error" : "invalid_request" ,
"error_description" : "Invalid header: x-subject. CN and OU must match softwareId and orgId"
Looking through our MI, this only appears to have started happening today (5th).
From our side, we've made no changes in this area or released an update in the last few days.
Have any changes been made on Nationwides side that we should be aware of? Or is this an issue?