Test the newly created policy with cURL. If you attempt the same HTTP request that you issued previously, it is now denied. Run the HTTP request to perform the test. curl --insecure -X GET https://localhost:7443/scim/v2/Me -H 'Authorization: Bearer {"active": true, "sub": "user.1", "scope": "nonexistent.scope", "client_id": "nonexistent.client"}' {"schemas":["urn:ietf:params:scim:api:messages:2.0:Error"],"status":"403", "scimType":"insufficient_scope","detail":"Requested operation not allowed by the granted OAuth scopes."}
If you attempt the same HTTP request that you issued previously, it is now denied. Run the HTTP request to perform the test. curl --insecure -X GET https://localhost:7443/scim/v2/Me -H 'Authorization: Bearer {"active": true, "sub": "user.1", "scope": "nonexistent.scope", "client_id": "nonexistent.client"}' {"schemas":["urn:ietf:params:scim:api:messages:2.0:Error"],"status":"403", "scimType":"insufficient_scope","detail":"Requested operation not allowed by the granted OAuth scopes."}