Restrict the query result for restful in OpenAM


This topic contains 1 reply, has 2 voices, and was last updated by  Peter Major 3 months, 3 weeks ago.

  • Author
  • #25906

    In OpenAM 13.5 we can use the Restful to query user information:

    It seems that by default all user authenticated users can query all users information. Can we setup any restriction such that each user can only query its own information but not others?


    • This topic was modified 3 months, 3 weeks ago by  hkworker2002.
     Peter Major 

    That shouldn’t be the case, #201605-02 security advisory item should be addressed already in 13.5.0.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

©2019 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?