Reputation: 4412
How to set scope for a user/role in WSO2 Identity Server?
In WSO2 Identity Server , I tried to associate scope with roles/users so that I can authorize them the access to API's if the scopes match. But no place i can see that. I am using node js in my back end.
I want to achieve something like below app.get('/deleteUser', authenticate({scope:'admin'}), function(req,res){
So that only those users[tokens] having the scopes 'admin' should be able to access deleteUser .How to achieve this user/role mapping to scope in WSO2 Identity server?
Upvotes: 1
Views: 932
Answers (2)
Reputation: 8233
WSO2 Identity Server doesn't have a scope validation logic by default. You will have to customize using OAuthScopeValidator
As @Jenananthan has already pointed out, WSO2 API Manager could be used for your use case.
Upvotes: 1
Reputation: 1401
I am not sure whether wso2 identity server support user/role mapping to scope. But for your use case I think you can use wso2 apimanager which handle role mapping with scope http://nuwanzone.blogspot.com/2014/06/oauth-20-scopes-with-wso2-api-manager.html
Upvotes: 2
Related Questions
- How to Grant Access to specific API for a user in WSO2 API Manager?
- wso2 Identity Server 5.7.0 Service Provider how set User role?
- Wso2 identity server how to map scope with service provider
- How to restrict user password OAuth token within role in WSO2IS
- roles and permissions in WSO2 and ANGULAR
- How to add role of the user in oauth token (WSO2 IS)
- WSO2 IS 5.4: Add a custom ROLE to Service Provider level
- How to set scope to client application in wso2
- WSO2 roles & Permission Identity server for OAuth2
- WSO2 Identity and Oauth2 - Userinfo throws Error: Insufficient Scope