This topic contains 3 replies, has 3 voices, and was last updated by  paresh1983 9 months, 2 weeks ago.


    I added a new role and set permission on access.js but I am still getting
    FAILED","403","{""code"":403,""reason"":""Forbidden"",""message"":""Access denied""}

    Here is my access.js config (let's say the role name is nomrole)

    "pattern" : "*",
    "roles" : "nomrole",
    "methods" : "*",
    "actions" : "*"

    Did anyone create a new role and set it to normal users? How do I set permissions?

    Thanks a lot.

     Jake Feasel 

    You have to use the role _id, not the role name, when declaring them in access.js.


    Thanks a lot Jake,

    that's what I did and it worked, but I forgot to mention it here. I hope the documentation will be updated accordingly in the future.
    Thanks again.


    I created a new role called “TestRole” and changed access.js to mention the corresponding _id value as shown below (after openidm-admin). I also assigned the role to the required managed user. When I try to access the https://<idmURL>/admin URL with that managed user, I get unauthorized access. Is this supposed to work this way?

    My ultimate goal is to assign only certain privileges to a role. For example: that role should be able to perform password resets, user updates etc.

    —————–Snippet from access.js———–
    // openidm-admin can request nearly anything (except query expressions on repo endpoints)
    "pattern" : "*",
    "roles" : "openidm-admin,3deed6e6-aea5-4c2d-902b-961063232e4a",
    "methods" : "*", // default to all methods allowed
    "actions" : "*", // default to all actions allowed
    "customAuthz" : "disallowQueryExpression()",
    "excludePatterns": "repo,repo/*"
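
An added example, not code from this thread or from ForgeRock: a simplified JavaScript model of evaluating access.js-style entries, showing why a role name does not match where a role _id does, and how a separate scoped entry limits a custom role instead of appending it to the openidm-admin wildcard entry. The role _id is a constructed placeholder, and the matching logic and the methods chosen for the scoped entry are assumptions.

```javascript
// Simplified model of matching a request against access.js-style entries.
// NOT OpenIDM's own authorization code; field names follow the thread's snippets.
const ROLE_ID = "00000000-0000-0000-0000-000000000000"; // constructed placeholder _id

const configs = [
  { // scoped entry for the custom role (assumed methods for user maintenance)
    pattern: "managed/user/*",
    roles: ROLE_ID,            // the role _id, not the role name
    methods: "read,update,patch",
    actions: "*"
  },
  { // admin entry as posted in the thread, without the custom role appended
    pattern: "*",
    roles: "openidm-admin",
    methods: "*",
    actions: "*",
    excludePatterns: "repo,repo/*"
  }
];

// Fields are comma-separated strings, as in the posted snippets.
const list = (s) => s.split(",").map((x) => x.trim());

// "*" matches everything; "prefix/*" matches anything under prefix/; else exact.
function matchesPattern(pattern, resource) {
  if (pattern === "*") return true;
  if (pattern.endsWith("/*")) return resource.startsWith(pattern.slice(0, -1));
  return pattern === resource;
}

const inList = (field, value) => field === "*" || list(field).includes(value);
const anyPattern = (field, res) => list(field).some((p) => matchesPattern(p, res));

// A request is allowed if at least one entry matches on every field.
function isAllowed(req, entries = configs) {
  return entries.some((e) =>
    anyPattern(e.pattern, req.resource) &&
    !(e.excludePatterns && anyPattern(e.excludePatterns, req.resource)) &&
    req.roles.some((r) => list(e.roles).includes(r)) &&
    inList(e.methods, req.method) &&
    (req.action === undefined || inList(e.actions, req.action))
  );
}
```
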



©2019 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.
