Yes, its the correct configuration. We need to update the IS as KM doc.

Thanks,
NuwanD.

On Sun, Jan 25, 2015 at 6:44 AM, Nuwan Wimalasekara <[email protected]> wrote:

> Hi
>
> I configured WSO2 Identity Server 5.0.0 as Key manager as the
> documentation[1]. The I created a API with api scope in WSO2 AM 1.7.0.
> However when generating the access token with the given scope It generate
> the access token for the given scope. But When invoking the API, There is
> no scope validation in identity server. I could invoke other resources
> having different scope.
>
> When looking at the identity.xml in identity server, I figured out below
> OAuthScopeValidator  configuration is missing in identity.xml. I added
> below configuration, Then scopes are validating properly. This is not
> mentioned even in the doc[1]
>
> <OAuthScopeValidator
> class="org.wso2.carbon.identity.oauth2.validators.JDBCScopeValidator"/>
>
> @IS Team, AM Team,
> Can you confirm above is the correct configuration in Identity server to
> validate the API Scope ?
>
> [1]
> https://docs.wso2.com/display/CLUSTER420/Configuring+WSO2+Identity+Server+as+the+Key+Manager
>
> Thanks,
> Nuwanw
>
> --
> Nuwan Wimalasekara
> Senior Software Engineer - Test Automation
> WSO2, Inc.: http://wso2.com
> lean. enterprise. middleware
>
> phone: +94 71 668 4620
>
>
>
>


-- 
Nuwan Dias

Associate Tech Lead - WSO2, Inc. http://wso2.com
email : [email protected]
Phone : +94 777 775 729
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev

Reply via email to