Hi Godwin, This should be due to the current implementation[1] using the UserstoreManager when checking the validity of the role. We may have to use a relevant service which will talk to the KeyManager to validate the role to fix this.
[1] https://github.com/wso2-support/carbon-apimgt/blob/support-6.4.50/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/utils/APIUtil.java#L4219 On Sat, Dec 1, 2018 at 1:44 AM Godwin Shrimal <[email protected]> wrote: > Hi APIM Team, > > Let me explain the issue using the use case. We have an APIM + ISKM > deployment. We have a secondary user store plugged to ISKM which is having > all the end users of the API's. Publishers and Subscribers are in the > Primary User store. When we adding a scope in the publisher, it's > validating those with the underline user store configured in the publisher > but not connecting to KM. I think it's a wrong behavior since there are use > cases those secondary user stores are in a secure network and we cannot add > it in publisher. > > Any thoughts? > > Thanks > Godwin > -- > *Godwin Amila Shrimal* > Technical Lead > WSO2 Inc.; http://wso2.com > lean.enterprise.middleware > > mobile: *+94761124419* > linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/ > <https://www.linkedin.com/in/godwin-amila-2ba26844/>* > twitter: https://twitter.com/godwinamila > <http://wso2.com/signature> > -- Thanks & Regards, *Fazlan Nazeem* Senior Software Engineer WSO2 Inc Mobile : +94772338839 [email protected]
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
