[英]Adding user to WSO2 tenant returns 401 Unathorized
I am trying to add user to a tenant.我正在尝试将用户添加到租户。 For that I did the following:
为此,我做了以下事情:
After executing the endpoint, I am getting error 401 Unauthorized.执行端点后,我收到错误 401 Unauthorized。 Any ideas what am I doing wrong?
任何想法我做错了什么?
I am not sure if it's relevant, but I noticed that when I generate access token from main WSO2 instance (not tenant), I get these scopes我不确定它是否相关,但我注意到当我从主 WSO2 实例(不是租户)生成访问令牌时,我得到了这些范围
"scope": "internal_list_tenants internal_user_mgt_create"
However, when I generate similar token with tenant client key and secret, with the same scopes, I see only但是,当我使用相同范围的租户客户端密钥和密码生成类似令牌时,我只看到
"scope": "internal_user_mgt_create"
I suppose this is fine because createUser only needs this scope, but may be 401 comes from inability to get tenant that is needed with internal_list_tenants scope?我想这很好,因为createUser只需要这个 scope,但 401 可能是因为无法获得internal_list_tenants scope 所需的租户?
An incorrect URL is a cause for 401
response.错误的 URL 是导致
401
响应的原因。 Here, the URL you used ( https://localhost:9443/t/carbon.super/{tenantId}/api/server/v1/scims2/Users
) is incorrect.在这里,您使用的 URL (
https://localhost:9443/t/carbon.super/{tenantId}/api/server/v1/scims2/Users
) 不正确。
In order to create a user in a tenant named abc.com
, you need to invoke the endpoint为了在名为
abc.com
的租户中创建用户,您需要调用端点
https://localhost:9443/t/abc.com/scim2/Users
In general, if you want to create a user in a tenant, the endpoint is:一般来说,如果要在租户中创建用户,端点是:
https://<host>:<port>/t/<tenant-domain>/scim2/Users
If no tenant is specified in the URL, it is considered as the super tenant (carbon.super) ( https://<host>:<port>/scim2/Users
equals to https://<host>:<port>/t/carbon.super/scim2/Users
).如果 URL 中没有指定租户,则认为它是超级租户 (carbon.super) (
https://<host>:<port>/scim2/Users
等于https://<host>:<port>/t/carbon.super/scim2/Users
)。
Having "scope": "internal_user_mgt_create"
is sufficient to execute user creation rest API succesully.具有
"scope": "internal_user_mgt_create"
足以成功执行用户创建 rest API。 If the required scope/permissions are absent you will get 403
response.如果缺少所需的范围/权限,您将收到
403
响应。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.