0

Saqib Niaz (71●12●23) | asked Nov 08 '18, 4:16 a.m. edited Nov 08 '18, 5:25 a.m. Using CLM 6.0.6 with a Jazz authorization server (JAS). We have developed a third party RM provider, registered our RM provider with JAS. All the Jazz applications and our application work as expected. Needs to sign on once and browser never asks for the login again. After successful login, every application gets an access token. Later on for direct data access (rest api call) from server A to server B (both registered with same JAS), this access token can be used in Authorization header like Authorization: Bearer sdf78ui.  When we try to access Jazz application's data directly using our access token in Authorization header, we get 403 Forbidden error. Detailed error message is as follows: { "error_code": "_missing_general_scope", "error_message": "Your request is attempting to gain access to an application with a Bearer token, but the token has insufficient access rights.", "error_message_explanation": "If an application is using a Bearer token to gain access to an application, the token needs to have at least the \"general\" scope." } Can somebody help, what we are missing here? Comments Saqib Niaz commented Nov 08 '18, 4:19 a.m. If I query my application's registration from JAS, I get the following data along with some other information.     "scope": "openid profile email general",     "grant_types": [         "authorization_code",         "client_credentials",         "implicit",         "refresh_token",         "urn:ietf:params:oauth:grant-type:jwt-bearer"     ],     "preauthorized_scope": "openid profile email general",

One answer

---

Register or log in to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.