Why I can't use API for common user integrated with OIDC in ICP(IBM cloud private)

Question

https://www.ibm.com/support/knowledgecenter/SSBS6K_2.1.0/apis/auth_manage_api.html

I try to use the API for common user integrated with OIDC, but the error msg shows:

{"error_description":"invalid_resource_owner_credential","error":"server_error"}

command as the following

curl -k -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -d "grant_type=password&username=abc\@test\.com&password=ChangeMe\!\@\#&scope=openid" https://<cluster_access_ip>:8443/idprovider/v1/auth/identitytoken --insecure

But it is working fine for the administrator: admin/admin, so strange.

score 1 · Answer 1 · answered May 22 '18 at 10:45

Issue is with the special character "!" which is used for history expansions in command line prompt. You can use below command which works...

curl -k -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -d "grant_type=password&username=abc@test.com&password=ChangeMe"'!'"@#&scope=openid" https://<cluster_access_ip>:8443/idprovider/v1/auth/identitytoken --insecure

score 0 · Answer 2 · answered May 22 '18 at 06:27

0

Have you configured the LDAP, created Teams and added users to the team? Did you check the logs on Master node /var/log/containers for platform-identity-manager, _platform-auth-service, *platform-identity-provider?

answered May 22 '18 at 06:27

Dockers

1
2

Why I can't use API for common user integrated with OIDC in ICP(IBM cloud private)

2 Answers2