Yes, its the correct configuration. We need to update the IS as KM doc. Thanks, NuwanD.
On Sun, Jan 25, 2015 at 6:44 AM, Nuwan Wimalasekara <[email protected]> wrote: > Hi > > I configured WSO2 Identity Server 5.0.0 as Key manager as the > documentation[1]. The I created a API with api scope in WSO2 AM 1.7.0. > However when generating the access token with the given scope It generate > the access token for the given scope. But When invoking the API, There is > no scope validation in identity server. I could invoke other resources > having different scope. > > When looking at the identity.xml in identity server, I figured out below > OAuthScopeValidator configuration is missing in identity.xml. I added > below configuration, Then scopes are validating properly. This is not > mentioned even in the doc[1] > > <OAuthScopeValidator > class="org.wso2.carbon.identity.oauth2.validators.JDBCScopeValidator"/> > > @IS Team, AM Team, > Can you confirm above is the correct configuration in Identity server to > validate the API Scope ? > > [1] > https://docs.wso2.com/display/CLUSTER420/Configuring+WSO2+Identity+Server+as+the+Key+Manager > > Thanks, > Nuwanw > > -- > Nuwan Wimalasekara > Senior Software Engineer - Test Automation > WSO2, Inc.: http://wso2.com > lean. enterprise. middleware > > phone: +94 71 668 4620 > > > > -- Nuwan Dias Associate Tech Lead - WSO2, Inc. http://wso2.com email : [email protected] Phone : +94 777 775 729
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
