Re: Update a user token scope

Home Messages Hashtags Subgroups

Paul Bakare #3989 Thanks Chris. However, my token when decoded, has got "scim.write" scope set: {"jti":"b4884e49-87a6-47cb-9653-48e41e60e130","sub":"4c7f6709-939e-4d9c-8655-9996b7d69ce6","scope":["scim.read","scim.write","openid","oauth.approvals"],"client_id":"useraccount","cid":"useraccount","azp":"useraccount","user_id":"4c7f6709-939e-4d9c-8655-9996b7d69ce6","user_name":"marissa","email":" marissa(a)test.org","iat":1436854938,"exp":1436898138,"iss":" http://localhost:8080/uaa/oauth/token ","aud":["useraccount","scim","openid","oauth"]} But I still get a 403 Forbidden On Mon, Feb 22, 2016 at 9:52 AM, Chris De Oliveira <cdutra(a)pivotal.io> wrote: Hi Kayode, If the user is trying to update their own recored you don't need any particular scope for your client. But if updating other user's record you need "scim.write". Sincerely, Chris Dutra On Sun, Feb 21, 2016 at 9:36 PM, Kayode Odeyemi <dreyemi(a)gmail.com> wrote: Hi, The docs at https://github.com/cloudfoundry/uaa/blob/master/docs/UAA-APIs.rst#id52 doesn't define the scope for user update API endpoint. Can someone assist with this? What's the token scope for a user updating own User info? Appreciate your help attachment.html
More All Messages By This Member

Join cf-dev@lists.cloudfoundry.org to automatically receive all group messages.