[keycloak-user] Requires uma_protection scope

Pedro Igor Silva psilva at redhat.com
Tue Nov 20 10:54:20 EST 2018


Hi,

You need to grant uma_protection client scope (it should be available as
one of the roles associated with your resource server) to the user to which
you are issuing tokens for.

On Tue, Nov 20, 2018 at 1:52 PM Julien Deruere <deruere.julien at gmail.com>
wrote:

> Any update on this?
> I got the exact same message when using POSTMAN :
>
> I fist do this (with grant_type=client_credentials):
> http://localhost:8080/auth/realms/sg2b/protocol/openid-connect/token
>
> And then this with the token I received:
> GET
>
> http://localhost:8080/auth/realms/sg2b/authz/protection/resource_set?type=zone
> Which answer me this:
> {
>     "error": "invalid_scope",
>     "error_description": "Requires uma_protection scope."
> }
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>


More information about the keycloak-user mailing list