This topic has 2 replies, 2 voices, and was last updated 2 years, 6 months ago by pinku.

  • #22978
     pinku
    Participant

    Hi,

    I have created a new managed object called ‘entity’ and created one record for it.

    I have created one new internal user (restReadAdmin) and one new internal role (readrole). restReadAdmin now has only the readrole role.

    I have modified the access.js as below:
    {
        "pattern" : "managed/entity",
        "roles" : "readrole",
        "methods" : "read",
        "actions" : "*"
    }

    Now when I try to get the managed object I get access denied as below

    curl \
    --insecure \
    --header "X-OpenIDM-Username: restReadAdmin" \
    --header "X-OpenIDM-password: [email protected]" \
    --request GET \
    'https://localhost:8443/openidm/managed/entity/?_queryId=get-by-field-value&field=entityID&value=testentityID'

    {"code":403,"reason":"Forbidden","message":"Access denied"}

    However, if I change the methods for read to * like below, it does return the record and works.
    {
        "pattern" : "managed/entity",
        "roles" : "readrole",
        "methods" : "*",
        "actions" : "*"
    }

    Any idea why it fails? It fails even if I give all the methods there; it works only for *.

    • This topic was modified 2 years, 6 months ago by pinku.
    #22980

    Does “all the methods” contain “query”?

    I suppose methods should be “read,query”.

    #22983
     pinku
    Participant

    Thanks Patrick, awesome, that works.
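
The behaviour resolved in this thread, as an added example that is not part of the original posts and is not ForgeRock's code: a simplified model of checking one access.js entry against the request shown above. The helper names (`operationFor`, `resourcePath`, `patternMatches`, `entryAllows`) and the matching rules are assumptions made for illustration.

```javascript
// Added example: a simplified model of evaluating one access.js entry.
// It is an assumption-based sketch, not ForgeRock's router authorization code.

const csv = (s) => s.split(",").map((x) => x.trim().toLowerCase());

// Operation name that the access rule's "methods" list is compared against.
function operationFor(httpMethod, url) {
  const q = new URL(url).searchParams;
  const m = httpMethod.toUpperCase();
  if (m === "GET") {
    // A GET with a query parameter is a "query" operation, not a "read".
    const isQuery = ["_queryId", "_queryFilter", "_queryExpression"].some((k) => q.has(k));
    return isQuery ? "query" : "read";
  }
  if (m === "DELETE") return "delete";
  if (m === "PATCH") return "patch";
  throw new Error("HTTP method not modelled in this sketch: " + m);
}

// Resource path relative to the /openidm context, without a trailing slash.
function resourcePath(url) {
  return new URL(url).pathname.replace(/^\/openidm\//, "").replace(/\/$/, "");
}

function patternMatches(pattern, path) {
  return pattern.endsWith("*")
    ? path.startsWith(pattern.slice(0, -1))
    : pattern === path;
}

// True when the entry grants this request to a caller holding callerRoles.
function entryAllows(entry, callerRoles, httpMethod, url) {
  const op = operationFor(httpMethod, url);
  const methods = csv(entry.methods);
  const roles = csv(entry.roles);
  return patternMatches(entry.pattern, resourcePath(url)) &&
    callerRoles.some((r) => roles.includes(r.toLowerCase())) &&
    (methods.includes("*") || methods.includes(op));
}

// Request and entries taken from the thread above.
const queryUrl = "https://localhost:8443/openidm/managed/entity/" +
  "?_queryId=get-by-field-value&field=entityID&value=testentityID";
const readOnly = { pattern: "managed/entity", roles: "readrole", methods: "read", actions: "*" };
const readQuery = { ...readOnly, methods: "read,query" };

console.log(entryAllows(readOnly, ["readrole"], "GET", queryUrl));  // false
console.log(entryAllows(readQuery, ["readrole"], "GET", queryUrl)); // true
```

Listing `read,query` keeps the role limited to non-mutating operations, which `"methods" : "*"` does not.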
