diff --git a/internal/servers/controller/handlers/authmethods/authmethod_service.go b/internal/servers/controller/handlers/authmethods/authmethod_service.go index f6d76cd1be..6be950ad11 100644 --- a/internal/servers/controller/handlers/authmethods/authmethod_service.go +++ b/internal/servers/controller/handlers/authmethods/authmethod_service.go @@ -916,7 +916,7 @@ func validateCreateRequest(req *pbs.CreateAuthMethodRequest) error { } if len(attrs.GetIdpCaCerts()) > 0 { if _, err := oidc.ParseCertificates(attrs.GetIdpCaCerts()...); err != nil { - badFields[caCertsField] = fmt.Sprintf("Cannot parse CA certificates. %v", err.Error()) + badFields[idpCaCertsField] = fmt.Sprintf("Cannot parse CA certificates. %v", err.Error()) } } if len(attrs.GetClaimsScopes()) > 0 { @@ -1037,7 +1037,7 @@ func validateUpdateRequest(req *pbs.UpdateAuthMethodRequest) error { } if len(attrs.GetIdpCaCerts()) > 0 { if _, err := oidc.ParseCertificates(attrs.GetIdpCaCerts()...); err != nil { - badFields[caCertsField] = fmt.Sprintf("Cannot parse CA certificates. %v", err.Error()) + badFields[idpCaCertsField] = fmt.Sprintf("Cannot parse CA certificates. %v", err.Error()) } } if len(attrs.GetClaimsScopes()) > 0 { diff --git a/internal/servers/controller/handlers/authmethods/oidc.go b/internal/servers/controller/handlers/authmethods/oidc.go index 5757b873d9..6b88ccdd26 100644 --- a/internal/servers/controller/handlers/authmethods/oidc.go +++ b/internal/servers/controller/handlers/authmethods/oidc.go @@ -36,7 +36,7 @@ const ( stateField = "attributes.state" callbackUrlField = "attributes.callback_url" apiUrlPrefixField = "attributes.api_url_prefix" - caCertsField = "attributes.ca_certs" + idpCaCertsField = "attributes.idp_ca_certs" signingAlgorithmField = "attributes.signing_algorithms" disableDiscoveredConfigValidationField = "attributes.disable_discovered_config_validation" roundtripPayloadAttributesField = "attributes.roundtrip_payload"