There's a bug in the California Secretary of State bizfileonline site that prevents users from editing their account.
- Browse to https://bizfileonline.sos.ca.gov/ and click
Login
- Login with as a valid user account
- Click your user's name/email address in the upper right to show the Logout / My Account drop down
- Click
My Account
which brings up the modal dialog titled "My Account" - Click the
Edit my account
button
To be taken to an interface that allows for editing your account
- The
Edit my account
button is a link pointing to https://idm.sos.ca.gov//enduser/settings - When you click the link it serves back a page which begins an OAuth2 authorization flow by redirecting the user to a URL like https://idm.sos.ca.gov/oauth2/v1/authorize?client_id=okta.2b1959c8-bcc0-56eb-a589-cfcfb7422f26&code_challenge=REDACTED&code_challenge_method=S256&nonce=ejy4RB4DrXFLf497iptU1PJnoCH4cvCs5ny4UzO4KLUd3ndwLNDLs7rziR0hr5Qx&redirect_uri=https%3A%2F%2Fidm.sos.ca.gov%2Fenduser%2Fcallback&response_type=code&state=REDACTED&scope=openid%20profile%20email%20okta.users.read.self%20okta.users.manage.self%20okta.internal.enduser.read%20okta.internal.enduser.manage
- Which in turn redirects the user to a URL like https://idm.sos.ca.gov/enduser/callback?state=REDACTED&error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request.
- This access denied redirect is either because the original edit settings URL is incorrect (maybe the
//enduser/settings
path with the extra/
is because a templated value between the two/
characters isn't being injected into the page, or it's just some backend permission issue)
- This access denied redirect is either because the original edit settings URL is incorrect (maybe the
- Next when the user's browser browses to that callback URL with the error message a page is served which triggers a javascript redirect to https://idm.sos.ca.gov/error/enduser-not-assigned which in turn redirects the user to https://bizfileonline.sos.ca.gov
I reported this to the California Secretary of State webmaster today 1/4/2023