Menu
▾
▴
Re: [Unity-idm-discuss] SCIM repeats only first value in multi value attributes
|
From: Bernd S. <b.s...@fz...> - 2023-12-21 13:19:56
|
hi, I'm pretty sure that should be -H "Authorization: Bearer $TOKEN" best regards, Bernd On 12/21/23 13:44, Sander Apweiler wrote: > Hi Krzysztof, > I created a new authenticator (OAuth 2 verifying local tokens) and > added the scopes oidc profile email entitlements sys:scim:read_profile > sys:scim:read_membership. I added this authenticator to the SCIM API as > well. > > I generated an ODIC token using the oidc-agent and the same scopes. But > using curl https://login-dev.helmholtz.de/scim/Me -H "Authorization: > Basic $TOKEN", I got Bad Request and unity logs has a null pointer > exception (stacktrace is attached). Did I forgot to add some > configuration in addition? Using username/password on the SCIM API > works. > > Best regards, > Sander > > > On Wed, 2023-12-20 at 12:56 +0100, Krzysztof Benedyczak wrote: >> Hi Sander, >> >> W dniu 20.12.2023 o 08:41, Sander Apweiler pisze: >>> Good morning, >>> while reading the manual once again, I found the error in our >>> schema >>> file. It works fine. >> >> good to hear that >> >> >>> Since only the administrators have username/password, we want to >>> enable >>> Oauth tokens for the SCIM API. Do we need to create an >>> authenticator >>> which is using unity itself for validating the tokens? >> >> Yes. It is not strictly required, but most likely this is what you >> want. >> >> Do not forget about granting proper authZ with OAuth scopes (as >> described in manual). >> >> Best, >> Krzysztof >> > > > > _______________________________________________ > Unity-idm-discuss mailing list > Uni...@li... > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss -- Dr. Bernd Schuller Large Scale Data Science, Juelich Supercomputing Centre https://www.fz-juelich.de/ias/jsc/EN/Home/home_node.html Phone: +49 246161-8736 (fax -8556) |
