Mak

Reputation: 1078

How to add role of the user in oauth token (WSO2 IS)

I am using WSO2 Identity Server as IAM. In my Angular application, I need samlsso, hence I have implemented it and login is working as expected. Now I want authorization based on role (XACML policy) from the IS server. But in the token, I am getting the following information only. There is no information about the user's roles, nor have I seen a way to configure it in the console (while I am creating the IDP).

Sample Token:

{
  "at_hash": "vYBW9************vg3uw",
  "aud": "rmSJ************xIHYWMVEYwa",
  "sub": "admin",
  "azp": "rmSJ************TpxIHYWMVEYwa",
  "amr": [
    "BasicAuthenticator"
  ],
  "iss": "https://localhost:9443/oauth2/token",
  "exp": 1572779632,
  "iat": 1572776032,
  "nonce": "QG057mrPa*************************c2Eda",
  "sid": "*******-a7e6-48af-88e0-***********"
}

Here, as you can see, I have the username as sub (admin) but no roles for it.

Does anyone have any idea how to get them?

Upvotes: 1

Views: 323

Answers (1)

Bee

Reputation: 12502

Try adding http://wso2.org/claims/role as a requested claim in the SP.

See [1] for more details.

[1] https://docs.wso2.com/display/IS580/Configuring+Claims+for+a+Service+Provider

Upvotes: 2
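
One way to check from the client whether a role claim actually reaches the token after the SP change suggested in the answer above (an added example, not part of the original answer and not WSO2 code). The claim names in `ROLE_CLAIMS`, the helper names and the sample tokens are assumptions constructed for illustration.

```javascript
// Claim names to look for. Assumption: which one appears depends on how the
// role claim is mapped in the server's OIDC claim dialect.
const ROLE_CLAIMS = ["groups", "roles", "http://wso2.org/claims/role"];

// Decode the payload (second segment) of a compact JWT. Inspection only:
// the signature is NOT verified, so enforce role checks on the server.
function decodeJwtPayload(token) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("expected header.payload.signature");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  const padded = b64 + "=".repeat((4 - (b64.length % 4)) % 4);
  const bin = typeof atob === "function"
    ? atob(padded)
    : Buffer.from(padded, "base64").toString("binary");
  const bytes = Uint8Array.from(bin, (c) => c.charCodeAt(0));
  return JSON.parse(new TextDecoder().decode(bytes));
}

// Return roles as an array whether the claim is an array or a
// comma-separated string; an empty array means no role claim was issued.
function extractRoles(payload, claimNames = ROLE_CLAIMS) {
  for (const name of claimNames) {
    const value = payload[name];
    if (Array.isArray(value)) return value.map(String);
    if (typeof value === "string" && value.trim() !== "") {
      return value.split(",").map((s) => s.trim()).filter(Boolean);
    }
  }
  return [];
}

// Constructed sample: builds an unsigned token so the code runs offline.
function makeSampleToken(payload) {
  const enc = (obj) => {
    const bytes = new TextEncoder().encode(JSON.stringify(obj));
    const bin = String.fromCharCode(...bytes);
    const b64 = typeof btoa === "function"
      ? btoa(bin) : Buffer.from(bin, "binary").toString("base64");
    return b64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  };
  return `${enc({ alg: "none" })}.${enc(payload)}.`;
}

// Constructed tokens: one shaped like the question's, one with a role claim.
const before = makeSampleToken({ sub: "admin", amr: ["BasicAuthenticator"] });
const after = makeSampleToken({ sub: "admin", groups: "admin,Internal/everyone" });
console.log(extractRoles(decodeJwtPayload(before)));
console.log(extractRoles(decodeJwtPayload(after)));
```

An empty result for a real token means the claim is still not being issued, so the SP claim configuration is the place to look, not the client.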
