I'm trying to get a list of users from Oracle IDCS using the /admin/v1/users endpoint, but I'm getting access denied:
{"schemas":["urn:ietf:params:scim:api:messages:2.0:Error","urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error"],"detail":"You are not allowed to perform this action.","status":"401","urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error":{"messageId":"error.identity.User.accessDenied"}}
What I've tried so far:
I got an access_token by calling the /token endpoint via a Client_Credentials login and I'm using this as the bearer token in the Authorization header. I called the /token endpoint using a scope parameter of ```urn:opc:idm:__myscopes__```. The access_token is accepted but I'm getting access denied.
According to my understanding from these docs it seems we can add AppRoles to an Application to give it permissions. I haven't found a way to actually do this though. I wonder if we can add the User Administrator AppRole here to fix the problem?
https://docs.oracle.com/en/cloud/paas/identity-cloud/rest-api/RequiredRolePerEndpointExt.html