I have configured a profile in TIB as given below, this will add ProxyProvider with Oauth IdentityHandler whenever I send password grant_type request to generate oauth token, authentication should happen from proxy and token should generate for the configured oauth client. Now authentication is returning json response but tyk could not be able to generate token and showing below errors in the log.
Please help me resolve this.
time="2017-11-28T08:54:34Z" level=warning msg="Response code was: 403" time="2017-11-28T08:54:34Z" level=warning msg="GOT:{\"Status\":\"Error\",\"Message\":\"User does not have permission to add API to key Access Rights!\",\"Meta\":null}\n" time="2017-11-28T08:54:34Z" level=error msg="[TYK ID HANDLER] --> Login failure. Request not allowed"
It looks like user credentials you are using here “b0cb84e275434da2774e75cdd5cff3ab”, do not have enough permissions. You can verify it by trying to create a key directly using Dashboard API. User should have “write” key permissions.
In your original TIB config, you specify “5a16da371d41c80a85ff4499” as “MatchedPolicyID”. So ensure that this policy exists, as well as APIs defined inside this policy (and you have access to them).
In context of creating key via API, it will mean using “apply_policy_id” field instead of specifying “access_rights”
Hi leon, I have changed my profile configuration as given below and I could able to obtain access_token but when I use that to access my API getting below error. Please help
Gateway Request details
GET http://tyk-gateway.dev.com:8070/customoauth2/
Headers:
Authorization: Bearer 5a16cf191d41c80a85ff44920e9a1ea5e8884b9598217cc9982c5657 Response
{
“error”: “Session state is missing or unset! Please make sure that auth headers are properly applied”
}
Hi leon Sorry for the reply. I got it working, I had multiple authentication mode configured in my API after changing Base identity provider to Oauth2.0 it worked…