0

In my backend service, I require a token that contains the "roles" claim in the client credentials flow. So I've tried to setup App ID as described in the article about Assigning roles to an application, unfortunately, I didn't succeed in this.

Steps were done for setup:

  1. Register the application with a "regular web application" type
  2. Create a role
  3. Assing role to the application like described in docs
  4. Extend token config with "accessTokenClaims": [ { "source": "roles" } ]
  5. Retrieve token for by Postman

Used parameters:

I also tried to use the body with form data and form data encoded(tried both)

  • grant type: client_credentials;
  • client_id: client_id
  • client_secret: client_secret
data_henrik
  • 16,724
  • 2
  • 28
  • 49
Timon
  • 23
  • 3
  • What is your question? Any errors? – data_henrik Nov 02 '22 at 16:34
  • @data_henrik role claim should return, but it doesn't. So my question is, is there some step I missed or anything else? – Timon Nov 03 '22 at 17:34
  • I am missing details in your question. Could you share how you map the roles (input name, output name)? I have that working and use the roles as part of federated identities in IBM Cloud. The code is here https://github.com/data-henrik/cloud-project-onboarding-terraform/tree/workshop_hackathon – data_henrik Nov 07 '22 at 14:31
  • Simple role created in App ID UI: Profiles and roles -> Roles -> Create Role. Further, I've just attached the role to the application by IBM Management API as described in the docs https://cloud.ibm.com/docs/appid?topic=appid-access-control&interface=api#assign-roles-app What grant type you're using for token retrieving? – Timon Nov 07 '22 at 15:17
  • Add details to your question. How is the mapping done (https://cloud.ibm.com/docs/appid?topic=appid-customizing-tokens#custom-claims-mapping)? – data_henrik Nov 07 '22 at 15:37
  • Oh, that's what you mean. This is described in question "Extend token config with "accessTokenClaims": [ { "source": "roles" } ]". That's all how I changed the token config. – Timon Nov 07 '22 at 15:55
  • See the linked code, as mentioned. https://github.com/data-henrik/cloud-project-onboarding-terraform/blob/workshop_hackathon/terraform/01-appid/main.tf#L81 – data_henrik Nov 07 '22 at 16:03
  • Sorry, but it didn't help – Timon Nov 07 '22 at 16:51
  • Please add details to your question. The more, the better. Else it remains guesswork – data_henrik Nov 07 '22 at 18:09

0 Answers0