Reputation: 235
Permissions to set in order enable acess to XACML PDP
I'm using WSO2 Identity Server version 4.6.0.
I try to find the list of permissions to set to role "Internal/everyone" in order to enable a authenticated user to access the EntitlementService to obtains PDP decision.
I have read during my search that the EntitlementService is considered as "admin" level service but I cannot find which specific permissions set is required. I do not want that third party application use a full admin user to send request to PDP.
Upvotes: 1
Views: 75
Answers (1)
Reputation: 5821
Yes.. EntitlementService is an admin service, It means you need to authenticate and authorize to identity server to access it. You need to have "/permission/admin/manage" permission to access to this server. It means you need to create a role by selecting "Admin Permissions -> Manage" in the permission tree. And assign user to created role.
Upvotes: 1
Related Questions
- In wso2 IS XACML policy how to validate role and its permissions
- WSO2is XACML API
- Enabling Role-Based Access Control Using XACML - Error occurred while evaluating the policy
- How to allow access permission from wso2is to wso2api manager using ReadWriteLDAPUserStore
- RBAC/ABAC via XACML policies
- PDP access permissions restriction
- WSO2 - Policy Management (XACML) using API
- WSO2 Identity Server - Issues with XACML V.3 Policy Set under the Try-It of PAP
- xacml with wso2 pdp
- XACML Policy and Request