Thanks Farasath, That returned the sub attribute, how can I retrieve more information about the user knowing that I'm using client_credentials as a grant type?
Regards, Hanen On Fri, Mar 24, 2017 at 8:17 PM, Farasath Ahamed <farasa...@wso2.com> wrote: > Hi Hanen, > > This error usually means that in the initially, you have obtained an > access token that does not contain 'openid' scope and used it on the > userinfo endpoint. Here, 'openid' is not related to the OpenID protocol. > > Can you try adding 'openid' as a scope in your initial OAuth2 token > request and use that token to invoke the https://host:9443/oauth2/userinfo > endpoint? > > For example, > If you are using password grant type, > > curl -k -v --user *<client_id>:<client_secret>* -d > "grant_type=password&username=*<username>*&password=*<password>*&scope=scope1 > openid" https://localhost:9443/oauth2/token > > And then do a get on the user info endpoint > > curl -k -H "Authorization: Bearer* <your_access_token_with_openid_scope>*" > https://localhost:9443/oauth2/userinfo?schema=openid > > > Thanks, > Farasath. > > > Farasath Ahamed > Software Engineer, WSO2 Inc.; http://wso2.com > Mobile: +94777603866 > Blog: blog.farazath.com > Twitter: @farazath619 <https://twitter.com/farazath619> > <http://wso2.com/signature> > > > > On Fri, Mar 24, 2017 at 10:05 PM, Hanen Ben Rhouma <hanen...@gmail.com> > wrote: > >> Hi, >> >> Do I need extra params to invoke the userinfo endpoint ( >> https://host:9443/oauth2/userinfo) ? >> >> I'm getting >> "error_description": "Access token does not have the openid scope", >> "error": "insufficient_scope" >> >> Eventhough I'm using Oauth2 without OpenID >> >> Regards, >> Hanen >> >> _______________________________________________ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> >
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev