on 03-04-2022 8:13 PM
Hello Hans,
From what I understand:
You have 2 applications. One backend app and one frontend-client app?
You call the backend app from frontend
You call the backend app from Postman
Backend app is bound against XSUAA and protected with OAuth and scopes
To call the backend app, you go to the 1 XSUAA to fetch token
You use the credentials of XSUAA which you have in the binding or in key

I have one idea:
When you fetch a scope with client credentials, this doesn’t mean that your token automatically gets the scopes that are defined in the xs-security.json file
You need to explicitly GRANT the scopes.
Yes, you need to grant the scopes even to your own xsuaa instance
This is done with the “authorities” statement.
"authorities":["$XSAPPNAME.myscope"]
This corresponds to assigning roles to user – and this is what you need in case of client-credentials
Hope this helps!
Kind Regards,
Carlos
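A way to check the point made in the answer above, as an added example that is not part of the original post or SAP's own code: it lists scopes declared in xs-security.json that are not granted through "authorities", and reads the scope claim of a client-credentials token for inspection. The app name `myapp`, the client id, the scope values in the token and the token itself are constructed sample data.

```python
import base64
import json

def ungranted_scopes(xs_security: dict) -> list:
    """Scopes declared in xs-security.json but missing from "authorities"."""
    declared = [s["name"] for s in xs_security.get("scopes", [])]
    granted = set(xs_security.get("authorities", []))
    return [name for name in declared if name not in granted]

def token_scopes(jwt: str) -> list:
    """Read the "scope" claim of a JWT payload (inspection only, no signature check)."""
    payload = jwt.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload)).get("scope", [])

def has_scope(jwt: str, local_name: str) -> bool:
    """$XSAPPNAME is resolved at deployment, so match on the local scope name."""
    return any(s.endswith("." + local_name) for s in token_scopes(jwt))

def make_sample_jwt(claims: dict) -> str:
    """Build a constructed token with a dummy signature so the example runs offline."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(claims)}.constructed-signature"

# Constructed xs-security.json content: scope declared, but not granted to the instance.
BEFORE = {
    "xsappname": "myapp",
    "scopes": [{"name": "$XSAPPNAME.myscope", "description": "sample scope"}],
}
# Same descriptor with the "authorities" statement from the answer.
AFTER = dict(BEFORE, authorities=["$XSAPPNAME.myscope"])

# Constructed client-credentials token payloads for the two descriptors above.
TOKEN_BEFORE = make_sample_jwt({"cid": "sb-myapp!t0000", "scope": ["uaa.resource"]})
TOKEN_AFTER = make_sample_jwt(
    {"cid": "sb-myapp!t0000", "scope": ["uaa.resource", "myapp!t0000.myscope"]}
)

if __name__ == "__main__":
    print("not granted (before):", ungranted_scopes(BEFORE))
    print("not granted (after): ", ungranted_scopes(AFTER))
    print("token has myscope (before):", has_scope(TOKEN_BEFORE, "myscope"))
    print("token has myscope (after): ", has_scope(TOKEN_AFTER, "myscope"))
```

To inspect a real token, pass the access token string returned by the XSUAA token endpoint to `token_scopes`; the backend must still validate the signature before trusting any claim.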
Did you assign the roles (which point to scopes) provided by your app to a role collection and to your user?