Self-provisioning portal bad return: FetchResponse when assigning new soft-token
The following article describes situations where the users of the Mi-Token self-provisioning portal get an error while trying to assign a new soft-token:
bad return: FetchResponse failed for https://mobile....
It is important to understand the interaction between the different components in order to perform a correct diagnostic, and therefore, a possible solution when facing this error.
During the new soft-token assignment cycle, the server and the token need to exchange information in order to synchronize each other, so the server recognizes the new token as a reliable source. This information exchange is done online by means of a Mi-Token public service deployed at https://mobile.mi-token.com.
When the server exposing the self-provisioning portal detects that a new soft-token is trying to synchronize with it, the portal will try to synch back via the mobile.mi-token.com service. If the server is unable to reach this location or receives an error from it, it will report the following error on the portal screen:
An error has occurred: Bad return: FetchResponse failed for https://mobile...
At this point we can conclude that the error has occurred on the self-provisioning portal or at the mobile.mi-token.com server.
If the server exposing the self-provisioning portal cannot communicate with the mobile.mi-token.com server it will raise a bad return: FetchResponse error.
- Verify your network configuration. Make sure that the network connection devices are enabled and correctly configured.
- Verify that the server exposing the self-provisioning portal is able to connect to the mobile.mi-token.com server.
- Verify your network communication devices configuration. Make sure that all of the active devices allow for communication back and forth to mobile.mi-token.com.
The Mi-Token AD UI tool includes a configuration parameter located at the bottom of the screen, in the Miscellaneous tab of the Mi-token properties window:
By clicking this button, a new auxiliary dialog window appears:
- Verify that the Generate Multi-User Soft Token Links is unchecked. This functionality requires a separate configuration.
- Verify that the field labeled Mi-Token website to use is set to https://mobile.mi-token.com/4/, no space character at the beginning or at the end of the setting.
Old Mi-Token installation
On the General tab of the AD UI Properties windows you can find the software version your system is running.
Old instances may have trouble with the current version of the services deployed at https://mobile.mi-token.com
- Upgrade the Mi-Token software to the latest version.