
WSO2 Identity Server SCIM 2 User deletion

I'm getting strange behaviours with user deletion in WSO2 IS 5.7. I have deployed a tenant A with a secondary LDAP user store, while the primary user store is on Postgres.

So I have 2 domains for new users:

  1. Domain A (primary user store)
  2. Domain B (LDAP secondary user store)

and 4 possible domains for new roles:

  1. Primary
  2. Internal
  3. Application
  4. Domain D (from the LDAP domain)

Case 1) Any user deletion through the SCIM2 API invoked with the admin of the tenant works. HTTP 204 is returned. User is deleted.

Case 2) User A created in LDAP with a Role R. Both have LDAP domain D. When I try to delete a user in the LDAP through the SCIM2 API, 403 Forbidden is returned. User is not deleted.

Case 3) User B created on the primary user store with a Role R2 created with the domain Internal or Primary. HTTP/1.1 500 Internal Server Error is returned. User is deleted.

I have no meaningful logs in the WSO2 console.

Catalina logs:

    127.0.0.1 - - [06/Mar/2019:11:15:25 +0100] "DELETE /t/tenant.com/scim2/Users/6c133a5e-ba74-4021-8f5f-8e1bf62af506 HTTP/1.1" 500 146 "-" "curl/7.29.0"

Any idea? Thanks for your help.

The user did not have the permission to manage consent (delete in this case). After I gave the user that makes the API call the right permissions (consent management), it worked.
