Hello, After reading the documentation one more time, I finally found my error: My user is in a tenant
Rest introspect URL is: accessible by carbon admin with URL like: https://server/oauth2/introspect and accessible by tenant users with URL like: https://server/t/tenant_domain/oauth2/introspect I was not thinking about tenant, because previously we were using the SOAP service for token validation and it was working without tenant domain prefix. - Can you confirm this specific behavior ? regards, Kawas On Tue, May 23, 2017 at 11:29 AM, Dimuthu De Lanerolle <dimut...@wso2.com> wrote: > Hi Kawas, > > I hope you can get some idea on the permission level with the following > doc[1] > > [1] https://docs.wso2.com/display/IS530/Invoke+the+ > OAuth+Introspection+Endpoint > > Regards > DimuthuD > > On Tue, May 23, 2017 at 2:51 PM, kawas <kawa...@gmail.com> wrote: > >> Hello, >> >> I would like to have a precision about the permission a user should have >> to access the OAuth2 token introspection URL >> ex: https://my-wso2-server:9443/oauth2/introspect >> >> It seems to work fine with admin/admin >> but failed for regular user even if I set identity > Application >> Management > View permission. >> I keep getting 403 forbidden >> >> I am using WSO2 IS 5.3.0 >> - Could you tell me the proper permission to assign to a regular user to >> access this introspect endpoint ? >> >> Regards, >> >> Kawas >> >> _______________________________________________ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Dimuthu De Lanerolle > Software Engineer > WSO2 Inc. > lean . enterprise . middlewear. > http://wso2.com/ > Tel. : +94 11 2145345 Fax : +94 11 2145300 email : dimut...@wso2.com > >
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
