Hi All,
We are using UAA version 74.14.0.
We have a UAA installation for our internal applications in a Cloud Foundry environment. We have been having a problem verifying the OAuth token (JWT token) using the /introspect token, but cannot seem to see the reason. I tried a test using Postman.
1. Created a client with authority uaa.resource. See properties below. It has the uaa.resource authority.
scope: uaa.none
resource_ids: none
authorized_grant_types: client_credentials
autoapprove:
access_token_validity: 300
authorities: uaa.resource
2. Generate a token for a user to test verification.
3. Using Postman, I tried to call the /introspect API with "Authorization: Basic ..." (this is deprecated). But this call worked fine and I was able to see the token in the returned JSON.
4. Using Postman, I tried to call the /introspect API with "Authorization: Bearer {token}". This call failed with an error:
{
"error": "access_denied",
"error_description": "Access is denied"
}
I checked the bearer token and made sure that the scope has uaa.resource in there
"scope": [ "uaa.resource" ],
It looks like the /introspect call succeeds with "Authorization: basic .." but not "Authorization: bearer ..".
Let me know what I am missing. I followed the API docs and I don't think I am missing any other authority for the client.
Any help is appreciated.
Thanks,
Viraj
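
Added example, not part of the original post: a local pre-flight check for the bearer form of the /introspect call described in step 4. It inspects the caller's token for the uaa.resource scope and for expiry (the client above issues tokens valid for 300 seconds), and builds the request with the caller's token in the header and the token under test in the `token` form field. The base URL, the helper names and the sample tokens are assumptions constructed for illustration.

```python
import base64, json, time
from urllib import parse, request

def jwt_claims(token):
    """Decode the JWT payload WITHOUT verifying the signature (inspection only)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def caller_token_problems(caller_token, now=None):
    """List reasons the caller's bearer token would not qualify for /introspect."""
    claims = jwt_claims(caller_token)
    now = time.time() if now is None else now
    problems = []
    if "uaa.resource" not in claims.get("scope", []):
        problems.append("scope lacks uaa.resource")
    if claims.get("exp", 0) <= now:
        problems.append("token expired")
    return problems

def build_introspect_request(base_url, caller_token, token_to_check):
    """Caller's token goes in the header; the token being verified goes in the body."""
    body = parse.urlencode({"token": token_to_check}).encode()
    req = request.Request(base_url.rstrip("/") + "/introspect", data=body, method="POST")
    req.add_header("Authorization", "Bearer " + caller_token)
    req.add_header("Content-Type", "application/x-www-form-urlencoded")
    return req

def sample_jwt(claims):
    """Constructed, unsigned sample token; not a real UAA token."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc(claims), "sig"])

if __name__ == "__main__":
    # Constructed tokens: one for the uaa.resource client, one for the user under test.
    caller = sample_jwt({"scope": ["uaa.resource"], "exp": int(time.time()) + 300})
    user = sample_jwt({"scope": ["openid"], "exp": int(time.time()) + 300})
    print(caller_token_problems(caller))
    req = build_introspect_request("https://uaa.example.test", caller, user)  # placeholder host
    print(req.get_method(), req.full_url, req.data)
```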