Ack for docs! Thanks, Ruthryi
On Mon, Nov 13, 2017 at 12:20 PM, Dilshani Subasinghe <[email protected]> wrote: > Adding Documentation team. > > Yes, I agree with Rajith. It will be better to mention in docs as normal > users not gonna identify the requirement of having client credential grant > type with SAML grant type. > > Reported Jira on this to track the progress [1]. > > [1] https://wso2.org/jira/browse/DOCUMENTATION-6403 > > On Fri, Nov 10, 2017 at 9:40 AM, Rajith Roshan <[email protected]> wrote: > >> Hi all, >> I think it's better to include this in our documentation (quick start >> [1], cloud -[2]), that in store UI generate keys and regenerate will always >> generate access token using client credentials, even though the Oauth app >> is enabled for multiple grant types. >> Or shall we add a tool tip to generate keys button and regenerate button >> to say that this will use client credential grant type. >> >> [1] - https://docs.wso2.com/display/AM210/Quick+Start+Guide >> [2] - https://docs.wso2.com/display/APICloud/Subscribe+to+and+ >> Invoke+an+API >> >> On Thu, Nov 9, 2017 at 7:58 PM, Sanjeewa Malalgoda <[email protected]> >> wrote: >> >>> Yes in UI when we click on generate keys button it will create oauth2 >>> app and generate tokens using client credentials(first time). >>> To complete both we need client credentials grant. In back end we do not >>> have such limitation we are anyway doing 2 different service calls. >>> If someone need to enable only SAML then after initial token generation >>> we can disable it. Its good to have options to generate key/secret, >>> generate tokens separately. >>> Since this behavior was there for sometime we will not need to change it >>> suddenly. But we can consider that in future. >>> >>> Thanks, >>> sanjeewa. >>> >>> On Thu, Nov 9, 2017 at 7:32 PM, Saneth Dharmakeerthi <[email protected]> >>> wrote: >>> >>>> Hi APIM Team, >>>> >>>> Docent this a limitation of Store UI? >>>> >>>> Customer who is using SAML or authorization code grant, Why he needs >>>> to enable client_credential? Inst this a security risk? The only thing >>>> he needs to do is getting the Client ID and Client Secret, But in Store UI >>>> it only shows those after click Generate Key button. >>>> >>>> >>>> >>>> Thanks and Best Regards, >>>> >>>> Saneth Dharmakeerthi >>>> *Associate Technical Lead* >>>> WSO2, Inc. >>>> Mobile: +94772325511 <077%20232%205511> >>>> >>>> <http://wso2.com/signature> >>>> >>>> On Thu, Nov 9, 2017 at 9:37 AM, Dilshani Subasinghe <[email protected]> >>>> wrote: >>>> >>>>> Hi Fazlan, >>>>> >>>>> Ok, now I got it. Thanks for explaining it. >>>>> >>>>> Regards, >>>>> Dilshani >>>>> >>>>> On Thu, Nov 9, 2017 at 9:21 AM, Fazlan Nazeem <[email protected]> >>>>> wrote: >>>>> >>>>>> Hi Dilshani, >>>>>> >>>>>> SAML grant does not depend on client_credentials grant being enabled, >>>>>> but in store UI when we generate keys using the Generate Keys button, >>>>>> client_credentials grant is used to generate the token. Therefore you >>>>>> have >>>>>> to enable client_credentials grant if you are generating keys via UI. I >>>>>> think this is what Hrasha meant. >>>>>> >>>>>> On Thu, Nov 9, 2017 at 12:20 AM, Dilshani Subasinghe < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Hi Harsha, >>>>>>> >>>>>>> Thanks for prompt reply. Will follow that. Hope we need to specify >>>>>>> that client_credentials grant need for enabling SAML grant in the >>>>>>> documentation. >>>>>>> >>>>>>> Regards, >>>>>>> Dilshani >>>>>>> >>>>>>> On Thu, Nov 9, 2017 at 12:08 AM, Harsha Kumara <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> Hi Dilshani, >>>>>>>> >>>>>>>> If you need to generate a token using SAML2 grant you may follow >>>>>>>> [1]. In store, you need to select client_credentials grant as we used >>>>>>>> it in >>>>>>>> the store to generate the token for an application. >>>>>>>> >>>>>>>> [1] https://docs.wso2.com/display/AM1100/Exchanging+SAML2+Be >>>>>>>> arer+Tokens+with+OAuth2+-+SAML+Extension+Grant+Type >>>>>>>> >>>>>>>> On Thu, Nov 9, 2017 at 12:01 AM, Dilshani Subasinghe < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> Hi APIM/IS Team, >>>>>>>>> >>>>>>>>> I'm working with IS as Key manager setup. (APIM 2.1.0 and >>>>>>>>> wso2is-km-5.3.0). In APIM, while generating keys for Applications with >>>>>>>>> "SAML" as grant type, it may give an error as follows [1]: >>>>>>>>> >>>>>>>>> [2017-11-08 23:51:34,102] ERROR - APIUtil Error occurred while >>>>>>>>> executing SubscriberKeyMgtClient. >>>>>>>>> java.lang.RuntimeException: Error occurred while calling token >>>>>>>>> endpoint: HTTP error code : 400 >>>>>>>>> at org.wso2.carbon.apimgt.impl.AMDefaultKeyManagerImpl.getNewAp >>>>>>>>> plicationAccessToken(AMDefaultKeyManagerImpl.java:367) >>>>>>>>> at org.wso2.carbon.apimgt.impl.workflow.AbstractApplicationRegi >>>>>>>>> strationWorkflowExecutor.dogenerateKeysForApplication(Abstra >>>>>>>>> ctApplicationRegistrationWorkflowExecutor.java:151) >>>>>>>>> at org.wso2.carbon.apimgt.impl.workflow.AbstractApplicationRegi >>>>>>>>> strationWorkflowExecutor.generateKeysForApplication(Abstract >>>>>>>>> ApplicationRegistrationWorkflowExecutor.java:118) >>>>>>>>> at org.wso2.carbon.apimgt.impl.workflow.ApplicationRegistration >>>>>>>>> SimpleWorkflowExecutor.complete(ApplicationRegistrationSimpl >>>>>>>>> eWorkflowExecutor.java:78) >>>>>>>>> at org.wso2.carbon.apimgt.impl.workflow.ApplicationRegistration >>>>>>>>> SimpleWorkflowExecutor.execute(ApplicationRegistrationSimple >>>>>>>>> WorkflowExecutor.java:54) >>>>>>>>> at org.wso2.carbon.apimgt.impl.APIConsumerImpl.requestApprovalF >>>>>>>>> orApplicationRegistration(APIConsumerImpl.java:2789) >>>>>>>>> at org.wso2.carbon.apimgt.impl.UserAwareAPIConsumer.requestAppr >>>>>>>>> ovalForApplicationRegistration(UserAwareAPIConsumer.java:36) >>>>>>>>> at org.wso2.carbon.apimgt.hostobjects.APIStoreHostObject.jsFunc >>>>>>>>> tion_getApplicationKey(APIStoreHostObject.java:385) >>>>>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>>>>>>> at sun.reflect.NativeMethodAccessorIm >>>>>>>>> >>>>>>>>> Any idea on the issue? >>>>>>>>> >>>>>>>>> [1] error.png >>>>>>>>> >>>>>>>>> Thanks, >>>>>>>>> Dilshani >>>>>>>>> >>>>>>>>> -- >>>>>>>>> >>>>>>>>> Dilshani Subasinghe >>>>>>>>> Software Engineer - QA *|* WSO2 >>>>>>>>> lean *|* enterprise *|* middleware >>>>>>>>> >>>>>>>>> Mobile : +94773375185 <+94%2077%20337%205185> >>>>>>>>> Blog : dilshani.me >>>>>>>>> >>>>>>>>> <https://wso2.com/signature> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Harsha Kumara >>>>>>>> Software Engineer, WSO2 Inc. >>>>>>>> Mobile: +94775505618 <+94%2077%20550%205618> >>>>>>>> Blog:harshcreationz.blogspot.com >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> >>>>>>> Dilshani Subasinghe >>>>>>> Software Engineer - QA *|* WSO2 >>>>>>> lean *|* enterprise *|* middleware >>>>>>> >>>>>>> Mobile : +94773375185 <+94%2077%20337%205185> >>>>>>> Blog : dilshani.me >>>>>>> >>>>>>> <https://wso2.com/signature> >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Thanks & Regards, >>>>>> >>>>>> *Fazlan Nazeem* >>>>>> Senior Software Engineer >>>>>> WSO2 Inc >>>>>> Mobile : +94772338839 >>>>>> <%2B94%20%280%29%20773%20451194> >>>>>> [email protected] >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> >>>>> Dilshani Subasinghe >>>>> Software Engineer - QA *|* WSO2 >>>>> lean *|* enterprise *|* middleware >>>>> >>>>> Mobile : +94773375185 <+94%2077%20337%205185> >>>>> Blog : dilshani.me >>>>> >>>>> <https://wso2.com/signature> >>>>> >>>> >>>> >>> >>> >>> -- >>> >>> *Sanjeewa Malalgoda* >>> WSO2 Inc. >>> Mobile : +94713068779 <+94%2071%20306%208779> >>> >>> <http://sanjeewamalalgoda.blogspot.com/>blog >>> :http://sanjeewamalalgoda.blogspot.com/ >>> <http://sanjeewamalalgoda.blogspot.com/> >>> >>> >>> >> >> >> -- >> Rajith Roshan >> Senior Software Engineer, WSO2 Inc. >> Mobile: +94-7 <%2B94-71-554-8430>17-064-214 >> > > > > -- > > Dilshani Subasinghe > Software Engineer - QA *|* WSO2 > lean *|* enterprise *|* middleware > > Mobile : +94773375185 <+94%2077%20337%205185> > Blog : dilshani.me > > <https://wso2.com/signature> > -- Regards, Ruthryi Kulasekaran Technical Writer WSO2 (pvt.) Ltd. Colombo, Sri Lanka ✆: +94774626782
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
