Reputation: 848
I can't create users in a specific tenant (domain) in WSO2 Identity Server 5.7.0
First I create a new domain, using SOAP `/services/TenantMgtAdminService`:
```xml
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://services.mgt.tenant.carbon.wso2.org" xmlns:xsd="http://beans.common.stratos.carbon.wso2.org/xsd">
  <soapenv:Header/>
  <soapenv:Body>
    <ser:addTenant>
      <!--Optional:-->
      <ser:tenantInfoBean>
        <!--Optional:-->
        <xsd:active>true</xsd:active>
        <!--Optional:-->
        <xsd:admin>admin</xsd:admin>
        <!--Optional:-->
        <xsd:adminPassword>admin</xsd:adminPassword>
        <!--Optional:-->
        <xsd:createdDate>2019-07-01T00:00:00</xsd:createdDate>
        <!--Optional:-->
        <xsd:email>[email protected]</xsd:email>
        <!--Optional:-->
        <xsd:firstname>admin</xsd:firstname>
        <!--Optional:-->
        <xsd:lastname>user</xsd:lastname>
        <!--Optional:-->
        <xsd:originatedService>?</xsd:originatedService>
        <!--Optional:-->
        <xsd:successKey>true</xsd:successKey>
        <!--Optional:-->
        <xsd:tenantDomain>test.com</xsd:tenantDomain>
        <!--Optional:-->
        <xsd:tenantId>1</xsd:tenantId>
        <!--Optional:-->
        <xsd:usagePlan>demo</xsd:usagePlan>
      </ser:tenantInfoBean>
    </ser:addTenant>
  </soapenv:Body>
</soapenv:Envelope>
```
Now I activate the previous domain:
```xml
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://services.mgt.tenant.carbon.wso2.org">
  <soapenv:Header/>
  <soapenv:Body>
    <ser:activateTenant>
      <!--Optional:-->
      <ser:tenantDomain>test.com</ser:tenantDomain>
    </ser:activateTenant>
  </soapenv:Body>
</soapenv:Envelope>
```
I wish to create users in the new domain or tenant; I use curl with the SCIM API:
```bash
curl -k --user [email protected]:admin \
  --data '{"schemas":[],"name":{"familyName":"John","givenName":"Doe"},"userName":"newtestuser","password":"testPwd123"}' \
  --header "Content-Type:application/json" \
  https://localhost:9443/wso2/scim/Users
```
My WSO2IS is using the configuration for email address as the username.
My log for the new user:
```
[2019-07-13 11:23:13,380] ERROR {org.wso2.carbon.identity.scim.provider.auth.BasicAuthHandler} - Authentication failed for the user: [email protected]@carbon.super
```
What am I doing wrong, or what am I missing?
Upvotes: 2
Views: 254
Reputation: 120
If you are using email as username, the tenant's admin username also should be an email.
Hence, your curl should be as follows,
```bash
curl -k --user [email protected]@test.com:admin \
  --data '{"schemas":[],"name":{"familyName":"John","givenName":"Doe"},"userName":"[email protected]","password":"testPwd123"}' \
  --header "Content-Type:application/json" \
  https://localhost:9443/t/test.com/scim2/Users
```
Here the SCIM endpoint of the tenant test.com should be: https://localhost:9443/t/test.com/scim2/Users
The username should be: [email protected] (email as username)
Basic Authentication: [email protected]@test.com (as this is a tenant user, we need to add the tenant domain as well).
Upvotes: 2
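The username and endpoint rules from the answer above, as an added shell example that is not part of the original posts or of WSO2's code: it models how a Basic-auth login maps to a tenant when email-as-username is enabled and checks a request's login and URL before it is sent. The resolution rule is an assumption inferred from the log line in the question and from the answer; the function names and the `example.org` address are constructed for illustration.

```shell
#!/bin/sh
# Added example, not WSO2 code. Assumed model (inferred from the question's log
# line and the answer): with email-as-username enabled, the text after the LAST
# '@' is the tenant domain only when the login has two or more '@'; otherwise
# the whole login is a username in the super tenant.
SUPER_TENANT="carbon.super"

# resolve_tenant LOGIN: tenant the Basic-auth login would be checked against
resolve_tenant() {
    rest=${1#*@}                              # text after the first '@', if any
    case $rest in
        *@*) printf '%s\n' "${1##*@}" ;;      # user@mail@tenant -> tenant
        *)   printf '%s\n' "$SUPER_TENANT" ;; # user or user@mail -> super tenant
    esac
}

# tenant_of_url URL: tenant addressed by the /t/<domain>/ path segment
tenant_of_url() {
    case $1 in
        */t/*) t=${1#*/t/}; printf '%s\n' "${t%%/*}" ;;
        *)     printf '%s\n' "$SUPER_TENANT" ;;
    esac
}

# preflight TENANT LOGIN URL: succeed only if both login and URL hit TENANT
preflight() {
    rc=0
    login_tenant=$(resolve_tenant "$2")
    url_tenant=$(tenant_of_url "$3")
    if [ "$login_tenant" != "$1" ]; then
        echo "login '$2' authenticates in '$login_tenant', not '$1'" >&2
        rc=1
    fi
    if [ "$url_tenant" != "$1" ]; then
        echo "URL targets tenant '$url_tenant', not '$1'" >&2
        rc=1
    fi
    return $rc
}

# Constructed sample values; admin@example.org stands in for the admin's email.
preflight test.com 'admin@example.org' \
    'https://localhost:9443/wso2/scim/Users' || echo "question's request: rejected"
preflight test.com 'admin@example.org@test.com' \
    'https://localhost:9443/t/test.com/scim2/Users' && echo "answer's request: ok"
```

The first call reports both problems seen in the question: a login with a single `@` lands in `carbon.super`, and the URL has no `/t/test.com/` segment.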