Menu
▾
▴
[Unity-idm-discuss] OAuth authgenticator for SCIM API
|
From: Sander A. <sa....@fz...> - 2024-06-25 10:48:26
|
Hi Krzysztof, I spend some further time to set up the SCIM API using tokens. I created an authenticator for verifying local tokens (config in screenshot). But when I try to qquery the API using this command curl https://login-dev.helmholtz.de/scim/Me -H "Authorization: Bearer $TOKEN" -H "Authorization: Basic $CLIENT" I got: {"schemas":["urn:ietf:params:scim:api:messages:2.0:Error"],"status":403 ,"detail":"Forbidden"} as response and the log shows DEBUG unity.server.scim.EngineExceptionMapper: Access denied for SCIM API client pl.edu.icm.unity.engine.api.authn.AuthenticationException: Invalid user name, credential or external authentication failed. The client which requested the token is the same like the one who calls the SCIM API. It also requested the scope sys:scim:read_profile to be able to query the SCIM API. Did I miss something? Best regards, Sander -- Large-Scale Data Science Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Jülich GmbH 52425 Jülich Sitz der Gesellschaft: Jülich Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Stefan Müller Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Ir. Pieter Jansens ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
