
Custom Scope issue with Client Credentials grant type with OAuth 2.0 Client

former_member793606
Discoverer
0 Kudos

Please find my current scenario below

CarlosRoggan
Product and Topic Expert

Hello Hans,

From what I understand:

You have 2 applications: one backend app and one frontend-client app?
You call the backend app from the frontend.
You call the backend app from Postman.

Backend app is bound against XSUAA and protected with OAuth and scopes

To call the backend app, you go to the 1 XSUAA to fetch token
You use the credentials of XSUAA which you have in the binding or in key

I have one idea:
When you fetch a scope with client credentials, this doesn’t mean that your token automatically gets the scopes that are defined in the xs-security.json file.
You need to explicitly GRANT the scopes.
Yes, you need to grant the scopes even to your own xsuaa instance.
This is done with the “authorities” statement.

"authorities":["$XSAPPNAME.myscope"]

This corresponds to assigning roles to a user – and this is what you need in case of client-credentials.

Hope this helps!

Kind Regards,
Carlos
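
A check for the point made in the answer above, as an added example that is not part of the original post or of any SAP tooling: it lists scopes that an xs-security.json defines but does not grant through "authorities", and reads the scopes out of a fetched token. The app name, the sample descriptors and the token are constructed, and the token layout (a `scope` claim whose entries end in `.myscope`) is an assumption.

```python
import base64
import json

# Constructed xs-security.json: the scope is defined but never granted
# to the instance's own client, the situation the answer describes.
DESCRIPTOR_WITHOUT_GRANT = {
    "xsappname": "backendapp",  # hypothetical name
    "scopes": [{"name": "$XSAPPNAME.myscope", "description": "demo scope"}],
}
# Same descriptor with the "authorities" statement from the answer.
DESCRIPTOR_WITH_GRANT = dict(DESCRIPTOR_WITHOUT_GRANT,
                             authorities=["$XSAPPNAME.myscope"])


def ungranted_scopes(descriptor):
    """Scopes defined in the descriptor but absent from "authorities"."""
    defined = [s["name"] for s in descriptor.get("scopes", [])]
    granted = set(descriptor.get("authorities", []))
    return [name for name in defined if name not in granted]


def token_scopes(jwt):
    """Read the "scope" claim from a JWT payload. Inspection only:
    the signature is NOT verified here."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    scope = claims.get("scope", [])
    # Some issuers use a space-separated string instead of a list.
    return scope.split() if isinstance(scope, str) else list(scope)


def has_scope(jwt, local_name):
    """True if any scope in the token ends with ".<local_name>"."""
    return any(s.endswith("." + local_name) for s in token_scopes(jwt))


def make_sample_jwt(scopes):
    """Build an unsigned, constructed token for the demo."""
    enc = lambda obj: base64.urlsafe_b64encode(
        json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc({"scope": scopes}), "sig"])


if __name__ == "__main__":
    print(ungranted_scopes(DESCRIPTOR_WITHOUT_GRANT))
    print(ungranted_scopes(DESCRIPTOR_WITH_GRANT))
```

The token decoding here is for troubleshooting a token you fetched yourself; the backend must still validate the signature before trusting any scope.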

former_member793606
Discoverer
0 Kudos

Thanks for your help Carlos,

It's working from Postman now after passing custom scope parameter.