Re: [Dev] Unexpected error occured when generating SAML2 bearer token using API manager- IS integrated setup.

Hi Bhathiya, SAML2 bearer token generation for tenant user was successful when sending domain query parameter in token endpoint. Furthermore It fixed issue [1] occurred when invoking an API using the generated access token. Furthermore I could overcome getting an 'access forbidden' when invoking

Re: [Dev] Unexpected error occured when generating SAML2 bearer token using API manager- IS integrated setup.

Hi Sewmini, Could you please confirm your observations after using tenantDomain only with samlsso URL (for tenants)? Thanks, Bhathiya On Thu, Jun 2, 2016 at 10:16 AM, Nuwan Dias wrote: > Ok thanks, if there is no API change we don't have to worry. > > Thanks, > NuwanD. > > On

Re: [Dev] Unexpected error occured when generating SAML2 bearer token using API manager- IS integrated setup.

Ok thanks, if there is no API change we don't have to worry. Thanks, NuwanD. On Thu, Jun 2, 2016 at 10:10 AM, Johann Nallathamby wrote: > Hi Nuwan, > > For SAML2 SSO this is how it has been all this time. Because we can't > guarantee the issuer will be unique across tenants

Re: [Dev] Unexpected error occured when generating SAML2 bearer token using API manager- IS integrated setup.

Hi Nuwan, For SAML2 SSO this is how it has been all this time. Because we can't guarantee the issuer will be unique across tenants unlike the client id in oauth2, which is a UUID. In IS even for OAuth2 we were sending the tenantDomain to token endpoint for all the grant types. However later

Re: [Dev] Unexpected error occured when generating SAML2 bearer token using API manager- IS integrated setup.

So for tenant users, the samlsso url has changed (requires tenantDomain query param)? Does this mean that for tenant users who are migrating to the new version, they have to change their Application's SSO handling code? Thanks, NuwanD. On Thu, Jun 2, 2016 at 8:48 AM, Farasath Ahamed

Re: [Dev] Unexpected error occured when generating SAML2 bearer token using API manager- IS integrated setup.

Hi Chamara, Sorry, I missed out some details. I tested the SAML Bearer Grant with an Identity Server 5.3.0 M1 pack. I had to change the samlsso URL to *https://localhost:9443/samlsso?tenantDomain=wso2.com *to log in as a user in the tenant

Re: [Dev] Unexpected error occured when generating SAML2 bearer token using API manager- IS integrated setup.

Hi Farsath, Some unclear points. On Thu, Jun 2, 2016 at 2:47 AM, Farasath Ahamed wrote: > Hi, > > I tested the SAML2 bearer grant with travelocity app for a tenant user and > I was able to get an access token with any issue. > "with" or "without"? > I had to change the

Re: [Dev] Unexpected error occured when generating SAML2 bearer token using API manager- IS integrated setup.

Hi, I tested the SAML2 bearer grant with travelocity app for a tenant user and I was able to get an access token with any issue. I had to change the samlsso URL to *https://localhost:9443/samlsso?tenantDomain=wso2.com *to get the sample

Re: [Dev] Unexpected error occured when generating SAML2 bearer token using API manager- IS integrated setup.

Tenant domain should not be a mandatory parameter for the token API. The fix that required it to be so was reverted (or fixed differently) by Johann. Could you please check and fix for the saml grant too? It now works for the password and client credential grants. On Wednesday, 1 June 2016,

Re: [Dev] Unexpected error occured when generating SAML2 bearer token using API manager- IS integrated setup.

Hi Sewmini, Please try sending the tenantDomain as a query param in the cURL command's token endpoint as below. https://localhost:9443/oauth2/token?tenantDomain= Thanks, On Wed, Jun 1, 2016 at 8:15 PM, Sewmini Jayaweera wrote: > Adding dev@wso2.org > > Sewmini Jayaweera >

Re: [Dev] Unexpected error occured when generating SAML2 bearer token using API manager- IS integrated setup.

Adding dev@wso2.org Sewmini Jayaweera *Software Engineer - QA Team* Mobile: +94 (0) 773 381 250 sewm...@wso2.com On Wed, Jun 1, 2016 at 8:13 PM, Sewmini Jayaweera wrote: > Hi APIM / IS teams, > > I am testing 'Exchanging SAML2 Bearer Tokens with OAuth2' (SAML Extension >