Testing the profile scope with cURL - PingAuthorize

Testing the profile scope with cURL - PingAuthorize - 8.3

PingAuthorize

bundle

pingauthorize-83

ft:publication_title

PingAuthorize

Product_Version_ce

PingAuthorize 8.3

category

Product

paz-83

pingauthorize

ContentType_ce

Page created: 9 Feb 2021 |

Page updated: 10 Aug 2021

| 1 min read

PingAuthorize 8.3 Product Administration User task Product documentation Content Type

Test your new profile scope with cURL.

Make the same request as earlier, but change the email scope that the access token uses to profile.

curl --insecure -X GET https://localhost:7443/scim/v2/Me -H 'Authorization: Bearer {"active": true, "sub": "user.1", "scope": "profile", "client_id": "nonexistent.client"}'

{"id":"355a133d-58ea-3827-8e8d-b39cf74ddb3e","meta":{"resourceType":"Users","location":"https://localhost:7443/scim/v2/Users/355a133d-58ea-3827-8e8d-b39cf74ddb3e"},"schemas":["urn:pingidentity:schemas:store:2.0:UserStoreAdapter"],"uid":["user.1"],"givenName":["Romina"],"description":["This is the description for Romina Valerio."],"sn":["Valerio"]}

The attributes defined by the new rule's advice are returned.

Because an access token might contain multiple scopes, confirm that an access token with the email and profile scopes returns the union of the attributes that both scopes grant.

curl --insecure -X GET https://localhost:7443/scim/v2/Me -H 'Authorization: Bearer {"active": true, "sub": "user.1", "scope": "email profile", "client_id": "nonexistent.client"}'

{"id":"355a133d-58ea-3827-8e8d-b39cf74ddb3e","meta":{"resourceType":"Users","location":"https://localhost:7443/scim/v2/Users/355a133d-58ea-3827-8e8d-b39cf74ddb3e"},"schemas":["urn:pingidentity:schemas:store:2.0:UserStoreAdapter"],"uid":["user.1"],"mail":["user.1@example.com"],"givenName":["Romina"],"description":["This is the description for Romina Valerio."],"sn":["Valerio"]}