zowe · zowe-robot · Mar 29, 2024
diff --git a/docs/troubleshoot/troubleshoot-apiml-error-codes.md b/docs/troubleshoot/troubleshoot-apiml-error-codes.md
@@ -523,70 +523,70 @@ The following error message codes may appear on logs or API responses. Use the f
 
   **Reason:**
 
-  The string sent by the central Gateway was not recognized as a valid DER-encoded certificate in the Base64 printable form.
+  The string sent by the central Gateway was not recognized as valid DER-encoded certificate in the Base64 printable form.
 
   **Action:**
 
-  Ensure that forwarding of the client certificate is also enabled in the central Gateway. Check for any error messages from the central Gateway.
+  Ensure that the forwarding of client certificate is enabled also in the central Gateway. Check for any error messages from the central Gateway.
 
 ### ZWEAT501E
 
   Failed to get trusted certificates from the central Gateway. Unexpected response from %s endpoint. Status code: %s. Response body: %s
 
   **Reason:**
-  
-  The response status code is different from the expected 200 OK.
-  
+
+  The response status code is different from expected 200 OK.
+
   **Action:**
-  
+
   Ensure that the parameter apiml.security.x509.certificatesUrl is correctly configured with the complete URL to the central Gateway certificates endpoint. Test the URL manually.
 
 ### ZWEAT502E
 
   Invalid URL specified to get trusted certificates from the central Gateway. Error message: %s
-  
+
   **Reason:**
-  
+
   The parameter apiml.security.x509.certificatesUrl is not correctly configured with the complete URL to the central Gateway certificates endpoint.
-  
+
   **Action:**
-  
+
   Ensure that the parameter apiml.security.x509.certificatesUrl is correctly configured.
 
 ### ZWEAT503E
 
   An error occurred during retrieval of trusted certificates from the central Gateway. Error message: %s
-  
+
   **Reason:**
-  
-  The communication with the cloud gateway got interrupted or an error occurred while processing the response.
-  
+
+  The communication with the cloud gateway got interrupted or an error occurred during processing the response.
+
   **Action:**
-  
+
   Check the provided error message. Contact the support.
 
 ### ZWEAT504E
 
   Failed to parse the trusted certificates provided by the central Gateway. Error message %s
-  
+
   **Reason:**
-  
+
   The string sent by the central Gateway was not recognized as valid DER-encoded certificates in the Base64 printable form.
-  
+
   **Action:**
-  
+
   Check that the URL configured in apiml.security.x509.certificatesUrl responds with valid DER-encoded certificates in the Base64 printable form.
 
 ### ZWEAT505E
 
   Incoming request certificate is not one of the trusted certificates provided by the central Gateway.
-  
+
   **Reason:**
-  
-  The Gateway performs an additional check of request certificates when the central Gateway forwards the incoming client certificate to the domain Gateway. This check may fail when the certificatesUrl parameter does not point to the proper central Gateway certificates endpoint.
-  
+
+  The Gateway performs additional check of request certificates when the central Gateway forwards incoming client certificate to the domain Gateway. This check may fail when the certificatesUrl parameter does not point to proper central Gateway certificates endpoint.
+
   **Action:**
-  
+
   Check that the URL configured in apiml.security.x509.certificatesUrl points to the central Gateway and it responds with valid DER-encoded certificates in the Base64 printable form.
 
 ### ZWEAT601E
@@ -647,7 +647,7 @@ The following error message codes may appear on logs or API responses. Use the f
 
   **Action:**
 
-  Use a valid body in the request. Format of a message: `{validity: int , scopes: [string]}`.
+  Use a valid body in the request. Format of a message: {validity: int , scopes: [string]}.
 
 ### ZWEAT606E
 
@@ -671,7 +671,7 @@ The following error message codes may appear on logs or API responses. Use the f
 
   **Action:**
 
-  Use a valid body in the request. Format of a message: `{userId: string, (optional)timestamp: long}` or `{serviceId: string, (optional)timestamp: long}`.
+  Use a valid body in the request. Format of a message: {userId: string, (optional)timestamp: long} or {serviceId: string, (optional)timestamp: long}.
 
 ### ZWEAT608E
 
@@ -695,6 +695,18 @@ The following error message codes may appear on logs or API responses. Use the f
 
   **Action:**
 
+### ZWEAT610E
+
+  Missing registry name configuration.
+
+  **Reason:**
+
+  The registry name configuration is required to correctly map distributed user name from the OIDC access token.
+
+  **Action:**
+
+  Make sure that 'components.gateway.apiml.security.oidc.registry' is correctly set in 'zowe.yaml'.
+
 ## Security client messages
 
 ### ZWEAS100E
@@ -1241,7 +1253,7 @@ The following error message codes may appear on logs or API responses. Use the f
 
   **Reason:**
 
-  The URI does not follow the format `/{serviceId}/{type}/{version}/{endpoint}` or `/{type}/{version}/{serviceId}/{endpoint}`.
+  The URI does not follow the format /{serviceId}/{type}/{version}/{endpoint} or /{type}/{version}/{serviceId}/{endpoint}.
 
   **Action:**
 
@@ -1258,25 +1270,22 @@ The following error message codes may appear on logs or API responses. Use the f
   **Action:**
 
   Based on the specific information in the message, verify that the key configuration is correct, or alternatively, that z/OSMF is available. If z/OSMF is available, specify the authentication type used by z/OSMF in your configuration settings.
-
-  Use the following configuration format:
-  ```
-  apiml: 
-    security: 
-       auth: 
-           zosmf: 
-               jwtAutoconfiguration:
-  ```
-  Apply one of the following values:
-
-  * **auto**
-  Signifies that API ML is enabled to resolve the JWT producer
-
-  * **jwt**
-  Signifies that z/OSMF supports JWT (APAR PH12143 is applied)
-
-  * **ltpa**
-  Signifies that z/OSMF does not support JWT
+ Use the following configuration format: ```
+   apiml:
+     security:
+       auth:
+         zosmf:
+           jwtAutoconfiguration:
+ ``` Apply one of the following values:
+ * **auto**
+   Signifies that API ML is enabled to resolve the JWT producer
+
+ * **jwt**
+   Signifies that z/OSMF supports JWT (APAR PH12143 is applied)
+
+ * **ltpa**
+   Signifies that z/OSMF does not support JWT
+
 
 ### ZWEAG714E
 
@@ -1332,24 +1341,24 @@ The following error message codes may appear on logs or API responses. Use the f
 
   **Reason:**
 
-  Metadata are not accessible.
+  Metadata aren't accessible
 
   **Action:**
 
-  Verify that the metadata are accessible and not empty.
+  Verify that the metadata are accessible and not empty
 
 ### ZWEAG719I
 
-  The service id provided is invalid: '%s'
+  The service is not conformant: %s
 
   **Reason:**
 
   The provided service does not satisfy the conformance criteria and is therefore not valid.
 
   **Action:**
 
-  Verify the conformance criteria, provide valid service id.
-  
+  Verify the conformance criteria.
+
 ### ZWEAG100E
 
   Authentication exception: '%s' for URL '%s'
@@ -1674,42 +1683,6 @@ The following error message codes may appear on logs or API responses. Use the f
 
   Configure your client to provide valid authentication.
 
-### ZWEAG169E
-
-  Unexpected response from the external identity mapper. Status: %s body: %s
-
-  **Reason:**
-
-  The external identity mapper request failed with Internal Error
-
-  **Action:**
-
-  Verify that ZSS is responding.
-
-### ZWEAG170E
-
-  Error occurred while trying to parse the response from the external identity mapper. Reason: %s
-
-  **Reason:**
-
-  The external identity mapper failed when trying to parse the response
-
-  **Action:**
-
-  Verify that the response is valid.
-
-### ZWEAG171E
-
-  Configuration error. Failed to construct the external identity mapper URI. Reason: %s
-
-  **Reason:**
-
-  Failed to construct the external identity mapper URI
-
-  **Action:**
-
-  Verify that the external identity mapper URL specified in the configuration is valid.
-
 ### ZWEAT607E
 
   Body in the revoke request is not valid.
@@ -1720,7 +1693,7 @@ The following error message codes may appear on logs or API responses. Use the f
 
   **Action:**
 
-  Use a valid body in the request. Format of a message: `{userId: string, (optional)timestamp: long}` or `{serviceId: string, (optional)timestamp: long}`.
+  Use a valid body in the request. Format of a message: {userId: string, (optional)timestamp: long} or {serviceId: string, (optional)timestamp: long}.
 
 ### ZWEAG180E
 
@@ -1748,14 +1721,13 @@ The following error message codes may appear on logs or API responses. Use the f
 
 ### ZWEAG182E
 
-  SSL Misconfiguration, z/OSMF is not accessible.
-  Message: %s
-  Please verify the following:
-    - CN (Common Name) and z/OSMF hostname match.
-    - The certificate is valid
-    - TLS version matches
-    - z/OSMF server certificate is trusted in Zowe's truststore
-  Enable debugging to see further details in stack trace.
+  SSL Misconfiguration, z/OSMF is not accessible. Message: %s Please verify the following:
+  - CN (Common Name) and z/OSMF hostname match.
+  - The certificate is valid
+  - TLS version matches
+  - z/OSMF server certificate is trusted in Zowe's truststore
+Enable debugging to see further details in stack trace.
+
 
   **Reason:**
 
@@ -1837,6 +1809,30 @@ The following error message codes may appear on logs or API responses. Use the f
 
   Review z/OSMF status. Contact your system administrator.
 
+### ZWEAZ600W
+
+  ZAAS cannot generate or obtain Zowe token. Reason: %s
+
+  **Reason:**
+
+  Review the reason section of the message.
+
+  **Action:**
+
+  Make sure z/OSMF is available when using the z/OSMF authentication provider or whether Zowe can generate tokens for other authentication providers. Make also sure that the identity mapping is correctly configured and set for the requested authentication.
+
+### ZWEAZ601W
+
+  z/OSMF is not available or z/OSMF response does not contain any token. Reason: %s
+
+  **Reason:**
+
+  z/OSMF does not return JWT or LTPA tokens.
+
+  **Action:**
+
+  Make sure z/OSMF is available to API ML or review your z/OSMF configuration.
+
 ## API Catalog messages
 
 ### ZWEAC100W