Attempting to login using lsclient throws an error message Unable to parse response JSON of all clients
In JAS (Jazz Authorization Server) enabled environment when running the following command an error message is reported, although user and password are correct.
>lsclient -a https://JASAuth.myhost.com/oidc/endpoint/jazzop -u [UserName]:[Password]
{
"error" : "Unable to parse response JSON of all clients. {\"error_description\":\"You must be an administrator to complete this request\",\"error\":\"access_denied\"}"
}
We checked the user is part of the JazzAdmin group in appConfig.xml under JazzAuthServer/wlp/usr/servers/jazzop/appConfig.xml
And ldap setting are looking as expected under JazzAuthServer/wlp/usr/servers/jazzop/ldapUserRegistry.xml
However, the error message is keeping coming while listing client id or registering from Unix system.
We need to figure it out why "You must be an administrator to complete this request" message is thrown while all configuration settings are looking as expected?
One answer
To get around this problem the following steps may help, at least it has helped us.
If you want to change the client id in an existing JAS registration for the same JAS (i.e. not when copying it to another JAS), you would do something like
1) Run lsclient to generate the listing,
2) Use rmclient to delete the existing registration you want to change the client id for,
3) Edit the JSON file appropriately
4) Load the new registration with ldclient
5) Edit the app's properties file to update the client id and secret.