Re: Update a user token scope


Paul Bakare
 

Thanks Chris.

However, my token when decoded, has got "scim.write" scope set:

{"jti":"b4884e49-87a6-47cb-9653-48e41e60e130","sub":"4c7f6709-939e-4d9c-8655-9996b7d69ce6","scope":["scim.read","scim.write","openid","oauth.approvals"],"client_id":"useraccount","cid":"useraccount","azp":"useraccount","user_id":"4c7f6709-939e-4d9c-8655-9996b7d69ce6","user_name":"marissa","email":"
marissa(a)test.org","iat":1436854938,"exp":1436898138,"iss":"
http://localhost:8080/uaa/oauth/token
","aud":["useraccount","scim","openid","oauth"]}

But I still get a 403 Forbidden

On Mon, Feb 22, 2016 at 9:52 AM, Chris De Oliveira <cdutra(a)pivotal.io>
wrote:

Hi Kayode,

If the user is trying to update their own recored you don't need any
particular scope for your client. But if updating other user's record you
need "scim.write".

Sincerely,
Chris Dutra

On Sun, Feb 21, 2016 at 9:36 PM, Kayode Odeyemi <dreyemi(a)gmail.com> wrote:

Hi,

The docs at
https://github.com/cloudfoundry/uaa/blob/master/docs/UAA-APIs.rst#id52 doesn't
define the scope for user update API endpoint.

Can someone assist with this? What's the token scope for a user updating
own User info?

Appreciate your help

Join cf-dev@lists.cloudfoundry.org to automatically receive all group messages.