Comments (5)
dadvir
commented on May 29, 2024
1
thank you for your help, I've deleted the db docker image and recreated it from scratch with a fresh set of config, and succeeded with calling the API :)
from logto.
xiaoyijun
commented on May 29, 2024
Hi @dadvir , have you create an application role with the Management API permission (all)? And when you trying to fetch the access token, remember to use the all as the scope param value.
Create an M2M application
Create an applicaiton role with the Management API permission
Assign the role above to your M2M App
Request access token with all scope and the management api resource
curl --location '[your-logto-endpoing]/oidc/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic ${generateBasicAuth(m2mAppId, m2mAppSecret)}' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'resource=https://[your-tenant-id].logto.app/api' \
--data-urlencode 'scope=all'from logto.
dadvir
commented on May 29, 2024
Thank you for the quick response :)
I've tried these again and got to the same issue, please see attached screen shots of the config and outcome.
The application:
Its roles:
The API with role (too.. didn't see this on your end, but saw it in the getting started guide...):
The role with all access:
And the machine-to-machine access:
from logto.
dadvir
commented on May 29, 2024
@xiaoyijun I've created another app and followed your instructions again, with a "fresh" app, and got the same result.
your help will be highly appreciated here :)
from logto.
xiaoyijun
commented on May 29, 2024
@dadvir You have setup the app correctly, maybe the error is because you're using the m2m app in a wrong way.
Here is what i did:
Step 1: Request an access token from Logto core service by the M2M app
Code snippet:
curl --location 'http://localhost:3001/oidc/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic OWxydTU5ZG91NzF1bDl0YXJkYTZ3OktEQ29oOGxNNllWVkFSVDM1cjdJWGI5ZlF6azZhcTVU' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=all' \
--data-urlencode 'resource=https://default.logto.app/api'
And you will get the access token:
Step 2: Fetch application data using the access token
Code snippet:
curl --location 'http://localhost:3001/api/applications' \
--header 'Authorization: Bearer eyJh[Hide for brevity]-fUU'
Logto Console configuration
from logto.
Related Issues (20)
- feature request: Support parsing 'expires_in' in token response as both number and string HOT 3
- bug: Internal Error SSO Callback HOT 4
- bug: Deployment with nginx reverse proxy HOT 7
- feature request: Signing out user after deletion/suspension from Admin. HOT 2
- oauth2.0 connector: support parse nested userInfo in Profile Map config HOT 1
- bug: Database name is required in URL HOT 3
- feature request: support redis cluster and additional options for cache HOT 1
- bug: Expo client cannot use expo go redirect_uri HOT 6
- bug: "Get started" 404 HOT 3
- bug: Expo Application not issuing refresh_token even if "offline_access" scope is added HOT 7
- bug: Error in documentation on Microsoft Social Connector HOT 1
- feature request: Dynamic SSO Identity Provider selection mechanism (beyond email domain) HOT 8
- bug: Local machine-to-machine permissions are different from those in the cloud HOT 3
- bug: It doesn't work correctly in Electron with vue
- bug: Username is empty and no prompt to modify username when creating a new user via email HOT 4
- feature request: Password policies when updating user password HOT 2
- feature request: Unified App Page for Logged-in Users HOT 2
- feature request: Impersonation Functionality HOT 5
- feature request: Multiple Sign-in Experiences for Different Applications HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from logto.