Overview
This article addresses an issue where an OAuth Credential Provider fails to reach a Ready state after the authorization process. This is typically caused by local browser security extensions—specifically Trend Micro ID Protection—interfering with the redirection and token exchange between the Aembit Portal and the Identity Provider.
Relates To
Section: Administration / Credential Providers
Credential Provider Type: OAuth 2.0 Authorization Code
Environment: Google Chrome with Security Extensions
Cause
The Trend Micro ID Protection Chrome extension may flag the Aembit authorization redirect as suspicious, silently blocking the final handshake. This results in the Credential Provider remaining in an Error state even after a seemingly successful login.
Diagnostic Test: To confirm if a browser extension is the cause:
Open the Aembit Tenant in Incognito Mode.
Attempt to authorize the Credential Provider.
If the state changes to Ready, a browser extension is blocking the process in your standard profile.
Solution
You can resolve this by either whitelisting the Aembit domain within the extension or temporarily disabling the extension during the authorization phase.
Option 1: Add Aembit to Trusted Websites (Recommended) To allow the authorization handshake while keeping your security extension active:
Open the Trend Micro ID Protection settings in Chrome.
Navigate to the Trusted Websites (or Whitelist) section.
Add the following wildcard domain:
https://*.aembit.io/*Re-authorize the Credential Provider.
Option 2: Disable the Extension
Navigate to
chrome://extensions/.Locate the Trend Micro ID Protection extension and toggle it to OFF.
Complete the Credential Provider authorization in the Aembit Portal.
Verify the state shows as Ready, then re-enable the extension.