How to debug PII is hidden. For more details, see https://aka.ms/IdentityModel/PII?
Root Cause
UiPath uses the OAuth OpenID framework for authentication. As part of this, certain data may be hidden to protect PII. For on-prem instances, this usually is not necessary but in general, this can be an important feature of the implementation.
This is a sign the authentication mechanism is misconfigured.
Resolution
- Verify which component is throwing the error. The error is typically seen when reviewing the event viewer logs. In the event viewer, it specifies a 'source' which explains which component through the error. Typically it will be the source Identity or Orchestrator.
- Once the failing component is identified, enable the PII logs.
- If the failing component is Identity, enable the logs as described here: Identity Server - Viewing Additional Information In Logs
- For Orchestrator set the ExternalAuth.ShowPII to true as described here UiPath - Orchestrator dll.config : ExternalAuthShowPII
- After making the change, either IIS needs to be restarted or the respective application pool needs to be restarted.
- Reproduce the error and re-review the logs.
- If the issue is not clear (a lot of times it takes a little knowledge of OpenId to understand the issue) open a ticket with UiPath and include the captured logs. See: How To Get Application Logs From The Event Viewer?
- Additionally, the setting can be left in place unless there is a concern about exposing usernames or emails in the logs.