IBM webMethods Hybrid Integration

IBM webMethods Hybrid Integration

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  OAuth Authorization with HTTP URL Aliases

    Posted Tue March 21, 2017 12:11 PM

    Hi,

    Did anyone try securing RESTful API with OAuth token by configuring HTTP URL Aliases for the API ? When I tried to do it, I’m getting the following error message:

    403 Forbidden


    error=insufficient_scope

    error_description=[ISS.0010.8046] Integration Server rejected the request to access this resource. The access token's scope is insufficient to access the resource.

    As well, the above error message was expected to be in application/json format, however., it is coming back as a text/html. The content type of application/json has been set in the actual API service in the setResponse service.

    Any ideas ?

    Thanks
    SS


    #webMethods
    #Integration-Server-and-ESB


  • 2.  RE: OAuth Authorization with HTTP URL Aliases

    Posted Wed March 22, 2017 06:01 AM

    Hi,

    Please check if you added the IS service or package in the scope parameters in OAuth screen and also check if the particular client has access to it?

    Thanks,
    Sathya


    #Integration-Server-and-ESB
    #webMethods


  • 3.  RE: OAuth Authorization with HTTP URL Aliases

    Posted Wed March 22, 2017 12:14 PM

    Yes, those were accurate. Only challenge with these is when we use URL alias.


    #Integration-Server-and-ESB
    #webMethods


  • 4.  RE: OAuth Authorization with HTTP URL Aliases

    Posted Wed March 22, 2017 05:36 PM

    Hi,

    Set this property and try.

    watt.server.url.alias.partialMatching=true

    Thanks,
    sathya


    #webMethods
    #Integration-Server-and-ESB


  • 5.  RE: OAuth Authorization with HTTP URL Aliases

    Posted Wed August 26, 2020 10:46 AM

    Hi,

    I am facing similar issue in 10.3 server.

    I have an OAuth server where I have created client, scope and generated tokens.

    I am trying to access a resource in my resource server by using OAuth validation from OAuth servre and receiving error as 403 forbideen.

    I have tried setting the property as well.

    watt.server.url.alias.partialMatching=true

    Can you share your inputs


    #Integration-Server-and-ESB
    #webMethods


  • 6.  RE: OAuth Authorization with HTTP URL Aliases

    Posted Thu October 22, 2020 08:18 PM

    I had the same error as well. Make sure that Folders and Services in the Defined Scope was the issue. You need to make sure the URL resource is specified within it. For example, if the rest endpoint defined is “http://:/restv2/MyPaper” you need to add MyPaper within the Folders and Services of the Defined Scope.


    #Integration-Server-and-ESB
    #webMethods


  • 7.  RE: OAuth Authorization with HTTP URL Aliases

    Posted Wed August 26, 2020 11:54 AM

    Hi Jacob,

    Could you also check on these probable causes for resolving 403 status:

    • The access token was procured for a scope that does not cover the API being accessed.
    • During the phase to provide consent, the user that provided the consent is not the resource owner or owner of the API being accessed.
    • The access token expired or is not valid to access the resource any longer.
    • The authorization server revoked access privileges to a particular resource.

    Please let us know how it goes:

    HTH,
    RMG


    #Integration-Server-and-ESB
    #webMethods


Related Content