New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Role Base Scope Validation in JWT Bearer Grant Type in Federated Users. #6765

Closed

dumindurox777 opened this issue Nov 5, 2019 · 0 comments

Labels

2.6.0 WUM

dumindurox777 commented Nov 5, 2019

Description:-
The customer wants to validate the role-based scopes of federated users for API resources in the JWT bearer grant type.

Affected version=> AM-2.6.0(latest wum)

Steps to reproduce:-

Get the JWT assertion from another federated Is.
Created the Application and API with a restricted scope.
Creating an IDP in the key manager
Add claims and role mapping to IDP.
Get the JWT from federated IS and request the access token from the token endpoint from JWT-Bearer Grant Type
-Then call API with access token

tharikaGitHub added the WUM label

dushaniw added the 2.6.0 label

This was referenced Nov 25, 2019

Skipping the scope check for a federated user with JWT bearer grant wso2-extensions/identity-inbound-auth-oauth#1232

Merged

Adding role based scope validation feature for JWT Bearer Grant wso2/carbon-apimgt#7925

Merged

Replacing custom JWT bearer grant impl class with the default impl #6938

Merged

AmaliMatharaarachchi mentioned this issue

Add role based validation on JWT grant configuration guide wso2/docs-apim#8882

Open

kavishkafernando closed this as completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment