WSO2 Identity Server - restrict service provider inbound authentication based on role permission

I created tenant "A" in WSO2 IS and added my custom LDAP store to it. In tenant "A," I configured the service provider "test" with OAuth2 as inbound authentication. At the moment, I am able to authenticate all users in the store with the configuration of the OAuth2 service provider.

But I could not find any configuration to restrict the user from authentication against service provider "A".

I searched a lot, but could not find documentation for it. Need help sorting this issue.

Do we need to match the role of the service provider with the local role?

+4
1 answer

This feature is not currently supported by the WSO2 Identity Server. We will add this in future releases. User permission does not authenticate. For this purpose, the role of the service provider is used.

This can be achieved with the support of extension points, which are completely dependent on the use case and type of grant.

+2

Source: https://habr.com/ru/post/1607239/

