Nationwide - 400 Bad Request - Token Endpoint

Description

Hi OB and Nationwide,

This morning we've been encountering an error with the Token endpoint.

We've been receiving the following response:

Response Headers
Date: Tue, 05 Nov 2019 08:17:26 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: TS017d9441=0173a37655435f21cc3e6a7ae5e09b6b0947c35e11a42d1cb2d6921d31c00b537a8b42dfb41b864c9c53eaa7482f5f54354db1d9a7; Path=/; Domain=.api.nationwide.co.uk
Content-Type: application/json
Response Body
{
"error" : "invalid_request" ,
"error_description" : "Invalid header: x-subject. CN and OU must match softwareId and orgId"
}

Looking through our MI, this only appears to have started happening today (5th).

From our side, we've made no changes in this area or released an update in the last few days.

Have any changes been made on Nationwides side that we should be aware of? Or is this an issue?

Regards,

Carl

Technical Impact

None

Workaround

None

Resolution Notes

None

Impact Assessment

None

Status

Assignee

Unassigned

Reporter

Service Desk

Reference

None

Service Desk Reference

OBSD-11939

ASPSP

Query Type

Read/Write

Created (Original)

Nov 05, 2019, 8:22 AM

TPP Impact

None

OB Environment

Production

Business Impact Severity

None

Share

Yes
Configure