Testing the client policy with cURL - PingAuthorize - 9.1

PingAuthorize

bundle
pingauthorize-91
ft:publication_title
PingAuthorize
Product_Version_ce
PingAuthorize 9.1
category
ContentType
Product
Productdocumentation
paz-91
pingauthorize
ContentType_ce
Product documentation

To confirm that you successfully completed the tasks from the previous section, test the client policy with cURL.

After completing the tasks in the previous sections, test the responses you receive for access tokens for any client other than client1 or client2.

  • To test that an access token for any client other than client1 or client2 is rejected, run the following.
    curl --insecure -X GET https://localhost:7443/scim/v2/Me -H 'Authorization: Bearer {"active": true, "sub": "user.1", "scope": "email", "client_id": "nonexistent.client"}'
    
    Successful completion of the tasks in the previous sections will result in the following response.
    {"schemas":["urn:ietf:params:scim:api:messages:2.0:Error"],"status":"401","scimType":"The client is not authorized to request this resource.","detail":"unauthorized_client"}
  • To test that an access token for client1 is accepted, run the following.
    curl --insecure -X GET https://localhost:7443/scim/v2/Me -H 'Authorization: Bearer {"active": true, "sub": "user.1", "scope": "email", "client_id": "client1"}'
    
    Successful completion of the tasks in the previous sections will result in the following response.
    {"id":"355a133d-58ea-3827-8e8d-b39cf74ddb3e","meta":{"resourceType":"Users","location":"https://localhost:7443/scim/v2/Users/355a133d-58ea-3827-8e8d-b39cf74ddb3e"},"schemas":["urn:pingidentity:schemas:store:2.0:UserStoreAdapter"],"mail":["user.1@example.com"]}