Unable to Send Authentication Results Back: Workaround

Most likely you are reading this page due to having received the following Nucleus error message in your browser:

Unable to send results back to the application that initiated the authentication.

Why

We are aware of this problem impacting some customers with recent versions of Chrome web browser. It has to do with internal changes to built-in flags’ configuration of Chrome.

While we are working on the ultimate fix for this problem, we offer workarounds as detailed below.

Chrome

This problem will affect Chrome versions released around and after September 2021.

To work around this, disable the Block insecure private network requests flag.

  • Copy the following into your clipboard: chrome://flags/#block-insecure-private-network-requests

  • Open up a new tab in Chrome. Paste the chrome://... link into the address bar of that tab

  • The flag will open and be highlighted. Change it to Disabled

  • Re-launch Chrome

../_images/chrome_flag.jpg

Edge

This problem should not be affecting Edge. Please contact your NVIDIA representative if affected by it while using Edge.

Firefox

This problem should not be affecting Firefox. Please contact your NVIDIA representative if affected by it while using Firefox.

Other Chromium-Based Browsers

You may attempt the same workaround as for Chrome (above). Please contact your NVIDIA representative if workaround offered for Chrome does not help resolve the situation.

Detailed Description of the Problem

When a Client (App or Connector) wants to authenticate with a Nucleus, a few things happen:

  • Client launches machine’s default web browser, and directs it to Nucleus’s Authentication Service

  • At the same time, Client creates a simple HTTP server on a random port. The port selected is passed to Nucleus’s Authentication Service as a URL parameter.

Once Authentication service completes the Authentication, it executes a small, client-side JavaScript-based HTTP request to the Client’s HTTP server. That request is how the Authentication service passes issued session tokens back to the Client.

That last bit - the HTTP call from the Browser back into the Client - is what is affected by latest Chrome updates. If Nucleus is not running SSL, the Authentication Service’s page will not be permitted to call back into the local port opened by Client.

Changing the flag outlined in the Chrome workaround above makes Chrome permit the callback.