REST API to retrieve user roles

This topic has 1 reply, 2 voices, and was last updated 4 weeks, 1 day ago by Jatinder Singh (AcceptingNewProjects).

  • #28193
     praveenpasi
    Participant

    Hi,
    We are using ForgeRock version 6 & have integrated AM, IDM & DS.
    We are doing a PoC of securing microservices using OpenID ForgeRock connect/OAuth capabilities.

    As part of the PoC, we need to get the roles associated with the user. The users and the associated roles are primarily present in DS & reconciled into IDM.
    Does ForgeRock have REST APIs that interact with IDM/DS & return the roles associated with a user when the userid is sent as a parameter?
    If possible, please provide links to the REST APIs provided by ForgeRock with API documentation/syntax.

    Thanks,
    Praveen

    #28209

    Howdy!

    If I understand your question correctly, you need to relay the user role claim to your microservices so that they can decide what the user is authorized to do? If that is the case, and since you are already using the OAuth2 federation protocol, you could provide a scope of roles in your /authorize request and have AM map scopes to the group membership of a particular user. And if this is what you are looking for, you don’t need to call IDM or AM’s REST API outside of the OAuth2/OpenID calls you are already making.

    Please see below for a KB article on this topic:
    https://backstage.forgerock.com/knowledge/kb/article/a15751293

    Hope this helps!
    Jatinder
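
The approach in the reply above, as an added example that is not part of the thread or ForgeRock's own code: the client asks for a `roles` scope on the authorization request, and the microservice makes its decision only from the claims of a token it has verified. The host names, client id and secret, the `roles` scope and claim names, and HS256 signing (chosen so the standard library suffices) are assumptions.

```python
import base64, hashlib, hmac, json, secrets, time
from urllib.parse import urlencode

# Every value here is a constructed placeholder, not taken from the thread.
ISSUER = "https://am.example.com/openam/oauth2"
AUTHORIZE_URL = ISSUER + "/authorize"
CLIENT_ID, CLIENT_SECRET = "orders-service", b"constructed-demo-secret"
ROLES_CLAIM = "roles"  # assumed claim name; set by the scope mapping in AM

def build_authorize_url(redirect_uri):  # requests the roles scope alongside openid
    state, nonce = secrets.token_urlsafe(16), secrets.token_urlsafe(16)
    query = urlencode({"response_type": "code", "client_id": CLIENT_ID,
                       "redirect_uri": redirect_uri, "scope": "openid roles",
                       "state": state, "nonce": nonce})
    return f"{AUTHORIZE_URL}?{query}", state, nonce

def _b64d(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))
def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign_demo_token(claims):  # constructed HS256 token so the example runs offline
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    mac = hmac.new(CLIENT_SECRET, f"{head}.{body}".encode(), hashlib.sha256)
    return f"{head}.{body}.{_b64e(mac.digest())}"

def verify_id_token(token, nonce, now=None):
    """Return the claims of a valid ID token, else raise ValueError."""
    try:
        head, body, sig = token.split(".")
        header, claims = dict(json.loads(_b64d(head))), dict(json.loads(_b64d(body)))
    except Exception as exc:
        raise ValueError("malformed token") from exc
    if header.get("alg") != "HS256":  # pin the algorithm, never follow the header
        raise ValueError("unexpected alg")
    mac = hmac.new(CLIENT_SECRET, f"{head}.{body}".encode(), hashlib.sha256)
    if not hmac.compare_digest(mac.digest(), _b64d(sig)):
        raise ValueError("bad signature")
    aud = claims.get("aud")
    if claims.get("iss") != ISSUER or CLIENT_ID not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("wrong issuer or audience")
    if claims.get("exp", 0) <= (now or time.time()) or claims.get("nonce") != nonce:
        raise ValueError("expired token or nonce mismatch")
    return claims

def has_role(claims, role):
    roles = claims.get(ROLES_CLAIM)  # a bare string would allow substring matches
    return isinstance(roles, list) and role in roles
```

With RS256-signed tokens, replace the HMAC check with verification against the provider's published signing keys and keep the pinned-algorithm, issuer, audience and expiry checks.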
