Oracle IDCS - How to authenticate the /admin/v1/users API endpoint

User_Y59QJ, Jan 25 2022 — edited Jan 26 2022

I'm trying to get a list of users from Oracle IDCS using the /admin/v1/users endpoint but I'm getting access denied:
{"schemas":["urn:ietf:params:scim:api:messages:2.0:Error","urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error"],"detail":"You are not allowed to perform this action.","status":"401","urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error":{"messageId":"error.identity.User.accessDenied"}}
What I've tried so far:
I got an access_token by calling the /token endpoint via a Client_Credentials login and I'm using this as the bearer token in the Authorization header. I called the /token endpoint using a scope parameter of ```urn:opc:idm:__myscopes__```. The access_token is accepted but I'm getting access denied.
According to my understanding from these docs it seems we can add AppRoles to an Application to give it permissions. I haven't found a way to actually do this though. I wonder if we can add the User Administrator AppRole here to fix the problem?
https://docs.oracle.com/en/cloud/paas/identity-cloud/rest-api/RequiredRolePerEndpointExt.html
