Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-9769

service account can't authorize when group policy exists in resource server

    XMLWordPrintable

    Details

    • Steps to Reproduce:
      Hide

      1. A client get access token through Basic Auth (service account enabled)
      2. A resource server has any group policy
      3. A permission has the group policy
      4. Request authorization using access token of service account to the resource server
      5. Unexpected Error

      Show
      1. A client get access token through Basic Auth (service account enabled) 2. A resource server has any group policy 3. A permission has the group policy 4. Request authorization using access token of service account to the resource server 5. Unexpected Error
    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      Step
      1. A client get access token through Basic Auth (service account enabled)
      2. A resource server has any group policy
      3. A permission has the group policy
      4. Request authorization using access token of service account to the resource server
      5. Unexpected Error

      this error comes from getUser(id, session) because parameter id is client id of service account.
      so, when user id is null, we need to check whether user is service account or not and change to service account id.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                pcraveiro Pedro Igor Silva
                Reporter:
                inki.hwang Inki Hwang
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: