Hi Naduni, This was an improvement for IS 5.2.0 (Refer [1] for more information). As isura mentioned, you can use " updateApproveAlwaysForAppConsentByResourceOwner" in OAuthAdminService to revoke the approve always consent for OAuth apps.
Please refer the IDN_OPENID_USER_RPS table in IS. When users login to oauth applications, the consent details are stored in this table. In there, TRUSTED_ALWAYS column contains the value of "TRUE" or "FALSE" which indicates whether the user has given the “Approve Always” or “Approve” options. We are setting the TRUSTED_ALWAYS column by the value provided for "state" when invoking "updateApproveAlwaysForAppConsentByResourceOwner" service method. So in order to revoke the "Approve Always" consent, you need to provide "state" as "FALSE". [1] https://wso2.org/jira/browse/IDENTITY-4832 On Fri, Aug 18, 2017 at 5:34 PM, Naduni Pamudika <[email protected]> wrote: > Hi Isura, > > On Fri, Aug 18, 2017 at 4:17 PM, Isura Karunaratne <[email protected]> wrote: > >> Hi Nipuni, >> >> You can use updateApproveAlwaysForAppConsentByResourceOwner method in >> oauthAdminSevice to revoke the approve always consent. >> >> <soapenv:Envelope xmlns:soapenv="http://schemas. > xmlsoap.org/soap/envelope/ > <http://www.google.com/url?q=http%3A%2F%2Fschemas.xmlsoap.org%2Fsoap%2Fenvelope%2F&sa=D&sntz=1&usg=AFQjCNGNF5DdaQ9wHKRy5fjl5UBgSE9-HA>" > xmlns:xsd="http://org.apache.axis2/xsd > <http://www.google.com/url?q=http%3A%2F%2Forg.apache.axis2%2Fxsd&sa=D&sntz=1&usg=AFQjCNEQeayJxS4-8ESpde7Zv4MukwYQ-g> > "> > <soapenv:Header/> > <soapenv:Body> > <xsd:updateApproveAlwaysForAppConsentByResourceOwner> > <!--Optional:--> > <xsd:appName>?</xsd:appName> > <!--Optional:--> > <xsd:state>?</xsd:state> > </xsd:updateApproveAlwaysForAppConsentByResourceOwner> > </soapenv:Body> > </soapenv:Envelope> > > What do we need to put as "state" here? > > For the "appName", is it okay to put the Service Provider ID. > > > > Thanks, > Naduni > > Thanks >> Isura >> >> On Fri, Aug 18, 2017 at 3:24 PM Farasath Ahamed <[email protected]> >> wrote: >> >>> + Indunil >>> >>> Farasath Ahamed >>> Software Engineer, WSO2 Inc.; http://wso2.com >>> Mobile: +94777603866 >>> Blog: blog.farazath.com >>> Twitter: @farazath619 <https://twitter.com/farazath619> >>> <http://wso2.com/signature> >>> >>> >>> >>> On Fri, Aug 18, 2017 at 3:12 PM, Naduni Pamudika <[email protected]> >>> wrote: >>> >>>> Hi All, >>>> >>>> In the SSO flow, first the login page appears and then the consent page >>>> where >>>> the scopes are being approved by the user. I have put "Approve Always" for >>>> the scopes showing in the consent page and then the consent page does >>>> not appear in the login flow. >>>> >>>> I want to get the normal flow back, i.e. I want to go through the consent >>>> page and see the scopes. >>>> >>>> I tried deleting the application from the IS side and it did not work. >>>> Even after deleting and creating a new application, "Approve Always" is >>>> still enabled. >>>> >>>> How can I get it disabled? >>>> >>>> Thank you, >>>> Naduni >>>> >>>> -- >>>> *Naduni Pamudika* >>>> Software Engineer | WSO2 >>>> Mobile: +94 719 143658 <+94%2071%20914%203658> >>>> [image: http://wso2.com/signature] <http://wso2.com/signature> >>>> >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >> -- >> >> *Isura Dilhara Karunaratne* >> Associate Technical Lead | WSO2 >> Email: [email protected] >> Mob : +94 772 254 810 <+94%2077%20225%204810> >> Blog : http://isurad.blogspot.com/ >> >> >> >> > > > -- > *Naduni Pamudika* > Software Engineer | WSO2 > Mobile: +94 719 143658 <+94%2071%20914%203658> > [image: http://wso2.com/signature] <http://wso2.com/signature> > -- Indunil Upeksha Rathnayake Software Engineer | WSO2 Inc Email [email protected] Mobile 0772182255
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
