PeopleSoft Token authentication failed: issuing node PSFT_HR is not a trusted node
If you’ve implemented single signon and it may cease to work in certain situations like when database refresh is done or PIA is reinstalled. You can get error like “PeopleSoft Token authentication failed: issuing node PSF_HR is not a trusted node.”
Single signon setup usually breaks when you do a database refresh and do not exclude the PeopleTools tables. Here are some of the validations you can go through to make sure that single signon is still working and avoid errors like “PeopleSoft Token authentication failed: issuing node PSF_HR is not a trusted node.”
Validations for Single Signon:
- The basic trust relationship model should exist – The Default Local Node of one system must match in Name and Password to a Remote Node on the second system. The reverse is also true.
- The AuthTokenDomains must match between systems. This means that the following must be consistent:
- Authentication Domain in the General Tab of the Web Profile must be set.
- CookieDomain session parameter value must be set in the %PS_HOME%\webserv\sitename\applications\peoplesoft\PORTAL\WEB-INF\weblogic.xml file.
- URI values on all nodes involved must include the fully qualified domain name, not simple machine names.
- If systems use the same web server, defaultPort and defaultScheme must be set on the configuration.properties. The Protocol and Port must also be set on the Virtual Addressing tab of the Web Profile.
- Nodes must use passwords or SSL certificate.
- The Nodes (both the Default Local and Remote node) must be trusted in all databases.
- User ID must exist with same name (not necessarily same password) in both systems.
Let us know in the comment section below if it helped or you continue to face issue.