I’m trying to set up OAuth2 authorization on an IS, but I’m facing issues with the scope.
Here’s what I’ve done:
- created a rest service _get on IS in package default, folder francois/testScope. Its execute permission is set to anonymous.
- set up OAuth on IS
- registered a client with type public
- created a scope “test” with folders/services set to /francois/testScope
- associated client with scope
- requested a token for this client & scope
Now if I call my rest service at this url http://server:port/rest/francois/testScope/1 with header Authorization set to "Bearer ", I always get an error 403 forbidden “insufficient_scope”
I’ve tried this with both 9.12 and 10.1, and on both http and https ports.
Is there something wrong with the scope I defined? What should be the execute permission on the IS rest service?
Thanks for your help!