Hi Dilusha,

AFAIK, since this is scope based permission for resources, this should work
for both POST and DELETE resources even with the same user with the
Administrator role.

For example, if you create a scope with Administrator role and add this
scope to all 3 resources, you should be able to generate an access token
with the curl command.

Have you given the correct scope while generating the access token? If so,
could you please provide the response of the access token generation curl?

Thanks & Regards,
Mushthaq

On Wed, Nov 15, 2017 at 4:54 PM, Dilusha Alphonso <dilu...@wso2.com> wrote:

> Hi All,
>
> The Administrator (role) has resource permission for DELETE and POST.
>
> First, I have assigned the same user to both resources. So that
> doesn't work for POST. But it works for DELETE.
>
> After that, I created a new user (Admin_user) and assigned the same role
> (Administrator). I used that username and password to get the access token.
> I tested the POST resource with that access token. Now the POST resource is
> working fine.
> Is this the correct method?
>
> Thanks
> Dilusha.
>
>
>
> On Wed, Nov 15, 2017 at 3:51 PM, Pubudu Gunatilaka <pubu...@wso2.com>
> wrote:
>
>> Hi Dilusha,
>>
>> Please make sure you have the correct scope in the response of the token
>> generation.
>>
>> Thank you!
>>
>> On Wed, Nov 15, 2017 at 5:52 PM, Dilusha Alphonso <dilu...@wso2.com>
>> wrote:
>>
>>> Hi All,
>>>
>>> I am trying to add SCOPE to API manager 2.1.0. I have the user role. We
>>> have to give the resource permission for the particular role. I followed
>>> this link [1].
>>>
>>> 1. I created a new user in the APIM management console using the super
>>> tenant (the user is User_Administrator). I didn't give any permission to
>>> that user.
>>> 2. I assigned the roles to that user (the user role is administrator).
>>> 3. After that I added the scope of the resource API in the publisher for
>>> roles.
>>> 4. I used the curl command to get the access token for that particular
>>> user.
>>> 5. After I got the access token, I used it in the curl command to access
>>> the resource. GET and DELETE are working fine, but POST is giving the
>>> following error response.
>>>
>>> {"fault":{"code":900910,"message":"The access token does not allow you
>>> to access the requested resource","description":"Access failure for
>>> API: /test/1.0.0, version: 1.0.0 status: (900910) - The access token does
>>> not allow you to access the requested resource"}}
>>>
>>> It will be great if any of you can suggest a solution for this.
>>>
>>>
>>> [1] https://wso2.com/library/articles/2017/01/article-an-overview-of-scope-management-with-wso2-api-manager/
>>>
>>>
>>> Thanks
>>> Dilusha
>>> --
>>> *Best Regards,*
>>> *Dilusha Alphonso*
>>> *Software Engineer - Support Team*
>>> *WSO2*
>>> *Mobile: +94766837098*
>>>
>>> _______________________________________________
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> *Pubudu Gunatilaka*
>> Committer and PMC Member - Apache Stratos
>> Senior Software Engineer
>> WSO2, Inc.: http://wso2.com
>> mobile : +94774078049
>>
>>
>
>


-- 
Mushthaq Rumy
*Software Engineer*
Mobile : +94 (0) 779 492140
Email : musht...@wso2.com
WSO2, Inc.; http://wso2.com/
lean . enterprise . middleware.
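
The check both replies ask for (compare the `scope` field of the token generation response with the scope attached to each resource), written out as an added example that is not part of the original thread. The scope names, the resource-to-scope map and the sample responses are constructed, and the `default` value for an ungranted scope is an assumption about the server's fallback.

```python
import json

def granted_scopes(token_response: str, requested: str) -> set:
    """Return the scopes actually granted by an OAuth 2.0 token response."""
    body = json.loads(token_response)
    if "error" in body or "access_token" not in body:
        raise ValueError("token request failed: %s" % body.get("error", "no access_token"))
    # RFC 6749 section 5.1: "scope" may be omitted only when it equals the request.
    return set(body.get("scope", requested).split())

def denied_resources(token_response: str, requested: str, resource_scopes: dict) -> list:
    """List (verb, path, missing_scope) for resources this token cannot call."""
    granted = granted_scopes(token_response, requested)
    return sorted(
        (verb, path, needed)
        for (verb, path), needed in resource_scopes.items()
        if needed is not None and needed not in granted
    )

# Constructed map for the API in the thread; scope names are hypothetical.
# None means no scope is attached to that resource.
RESOURCE_SCOPES = {
    ("GET", "/test/1.0.0"): None,
    ("POST", "/test/1.0.0"): "test_post",
    ("DELETE", "/test/1.0.0"): "test_delete",
}
REQUESTED = "test_post test_delete"

# Constructed token responses (token values are placeholders).
ONLY_DELETE = ('{"access_token":"<placeholder>","scope":"test_delete",'
               '"token_type":"Bearer","expires_in":3600}')
# Assumed fallback when none of the requested scopes is granted to the user.
FALLBACK = ('{"access_token":"<placeholder>","scope":"default",'
            '"token_type":"Bearer","expires_in":3600}')

if __name__ == "__main__":
    for label, resp in (("only_delete", ONLY_DELETE), ("fallback", FALLBACK)):
        for verb, path, needed in denied_resources(resp, REQUESTED, RESOURCE_SCOPES):
            print(f"[{label}] {verb} {path}: token lacks scope {needed!r}")
```

A resource listed here is one where the request should be expected to fail authorization, so the token response is the first thing to inspect before changing users or roles.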
