Yes you're right, we only need to identify to which tenant it belongs to so that data can be segregated accordingly.
Regards, Hanen On Mon, Mar 27, 2017 at 1:29 PM, Farasath Ahamed <farasa...@wso2.com> wrote: > > > On Mon, Mar 27, 2017 at 1:26 PM, Hanen Ben Rhouma <hanen...@gmail.com> > wrote: > >> Thanks Farasath, >> >> That returned the sub attribute, how can I retrieve more information >> about the user knowing that I'm using client_credentials as a grant type? >> > > Does it make sense to use the client_credentials grant type to get a token > with user information? > > AFAIK it is used to get an access token for the application to talk to an > API/resource. Only user related here would be the developer who created > this app, isn't it? > > > > >> >> Regards, >> Hanen >> >> On Fri, Mar 24, 2017 at 8:17 PM, Farasath Ahamed <farasa...@wso2.com> >> wrote: >> >>> Hi Hanen, >>> >>> This error usually means that in the initially, you have obtained an >>> access token that does not contain 'openid' scope and used it on the >>> userinfo endpoint. Here, 'openid' is not related to the OpenID protocol. >>> >>> Can you try adding 'openid' as a scope in your initial OAuth2 token >>> request and use that token to invoke the https://host:9443/oauth2/u >>> serinfo endpoint? >>> >>> For example, >>> If you are using password grant type, >>> >>> curl -k -v --user *<client_id>:<client_secret>* -d >>> "grant_type=password&username=*<username>*&password=*<password>*&scope=scope1 >>> openid" https://localhost:9443/oauth2/token >>> >>> And then do a get on the user info endpoint >>> >>> curl -k -H "Authorization: Bearer* >>> <your_access_token_with_openid_scope>*" https://localhost:9443/oauth2/ >>> userinfo?schema=openid >>> >>> >>> Thanks, >>> Farasath. >>> >>> >>> Farasath Ahamed >>> Software Engineer, WSO2 Inc.; http://wso2.com >>> Mobile: +94777603866 >>> Blog: blog.farazath.com >>> Twitter: @farazath619 <https://twitter.com/farazath619> >>> <http://wso2.com/signature> >>> >>> >>> >>> On Fri, Mar 24, 2017 at 10:05 PM, Hanen Ben Rhouma <hanen...@gmail.com> >>> wrote: >>> >>>> Hi, >>>> >>>> Do I need extra params to invoke the userinfo endpoint ( >>>> https://host:9443/oauth2/userinfo) ? >>>> >>>> I'm getting >>>> "error_description": "Access token does not have the openid scope", >>>> "error": "insufficient_scope" >>>> >>>> Eventhough I'm using Oauth2 without OpenID >>>> >>>> Regards, >>>> Hanen >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> Dev@wso2.org >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >> >
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
