[LPS-110053] REST OAuth2 Resource Owner Password Credentials returns Invalid_grant if user is not an Administrator role - Liferay Issues

XML

Word

Printable

Details

Type: Bug
Status: Closed
Resolution: No Longer Reproducible
Affects Version/s: 7.1.X, 7.2.X
Fix Version/s: 7.1.X, 7.2.X, Master
Component/s: Application Security > OAuth2, User Management > Roles, Web Services > JAX-RS/WS Infrastructure
Labels:
None

Fix Priority:
4

Description

I've created an "OAuth2 Administration" application which has access to my JAX RS REST services. I've got "Resource Owner Password Credentials" as the allowed authorization types. However unless the user has an Administrator role the o/oauth2/token service returns "Invalid_grant".

Works above when the user has the administrator role. I then remove that role from the user and I receive invalid_grant.

Attachments

Issue Links

demands

LRDOCS-7710 Update OAuth2 docs to cover what permissions non-administrator users need

Open

Activity

People

Assignee:: SE Support

Reporter:: mitchell hancock

Participants of an Issue:: Carlos Sierra, mitchell hancock, SE Support

Recent user:: Nóra Szél

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 09/Mar/20 10:46 AM

Updated:: 04/May/21 7:07 AM

Resolved:: 09/Mar/20 3:20 PM

Days since last comment:: 2 years, 9 weeks, 5 days ago

Packages

Version	Package
7.1.X
7.2.X
Master