Re: UAA : How to restrict that the user should use only the credentials of the client to whom it belongs to while login using password grant API?
Hi Shilpa,toggle quoted message Show quoted text
Users are associated with Identity Providers and not clients. Identity providers can be UAA internal user store or a SAML/LDAP/OIDC provider.
There are two levels at which you can restrict users in clients.
1. You can use the feature required user groups on each client. If the users is not part of all users groups listed, they cannot login
2. You can set allowed identity providers on a client. If the user is logging in via an allowed provider, they will be rejected.
Please refer to the UAA Client API docs on how to achieve setting the above.
Sent from my iPhone
On Jun 9, 2017, at 2:38 AM, shilpa kulkarni <shilpakulkarni91(a)gmail.com> wrote: