0

WSO2 API Manager 2.6.0 How Manage Scopes for methods?

I have an API with 100 method .

I have 40 role for use methods.

role1 use method 1, 2

role2 use method 2,3

role3 use method 1,3

.

.

.

role40 use method 1,2,40





I set these for hours and generated tokens for my users and gave it.

Now user 41 has been added and for example wants to access methods 1, 3 and 8 because the scope has no editing option.

The scopes defined for methods 1, 3 and 8 must be Delete, re-create and re-create the application with this new scope and give back to the users who used these methods.

This takes a lot of time and is annoying when it is constantly changing.

1- I think Scope is useful for three or four methods or for two or three users and in high numbers does not have the necessary efficiency

2- Or Is it possible to use the scope so that there is no need to delete and rebuild and give tokens to users again?

enter image description here

فاطمه شریفی
  • 61
  • 5

2 Answers2

0

Q1. If user 41 should be able to access the selected methods, the ideal way is that, assign the proper roles to user 41.

Otherwise, if user 41 has a different set of roles, you need to create a new scope.

I think the possible solution would be to handle this only via the roles. i.e, first define the scopes with required roles and assign the roles to the users.

Q2. If the token is generated with an scope-A, and later this scope is changed, you need to create a new token with the new scope. The same applies if you have generated a token with multiple scopes and need to add another scope.

Hope the above answer your questions.

menaka_
  • 1,092
  • 1
  • 13
  • 23
0

you can edit scope in first step of publisher and after this edit clear scope cache and then you can see edited scope. I use this and it's good for me.

فاطمه شریفی
  • 61
  • 5