Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-5900

Entitlement API: wrong response code

    Details

    • Steps to Reproduce:
      Hide
      • create a client with authorization
      • perform this command:
        $ curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer $TOKEN" -d '{
        "permissions" : [ { "resource_set_name" : "xxx", "scopes" : [ "view" ] }

        ]
        }' "http://localhost:8080/auth/realms/myrealm/authz/entitlement/myclient"

      It replies with 200:

      {"rpt":"eyJhbG...}
      Show
      create a client with authorization perform this command: $ curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer $TOKEN" -d '{ "permissions" : [ { "resource_set_name" : "xxx", "scopes" : [ "view" ] } ] }' "http://localhost:8080/auth/realms/myrealm/authz/entitlement/myclient" It replies with 200: {"rpt":"eyJhbG...}
    • Docs QE Status:
      NEW
    • QE Status:
      ASSIGNED

      Description

      If I invoke the entitlement API with a non existant reourse, it replies positively anyway with 200.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                pcraveiro Pedro Igor
                Reporter:
                cdupont2 Corentin Dupont
                Tester:
                Michal Hajas
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: