OTK Scopes with Overlapping Parts may get Truncated
Article ID: 92791
Updated On:
Products
STARTER PACK-7, CA Rapid App Security, CA API Gateway
Issue/Introduction
When you have a list of OTK scopes whose names are separated by a period and have parts that overlap, a scope may get truncated. Example below:
(e.g. myapi, myapi.read)
In the above case, myapi.read gets truncated to ".read".
Environment
Release: Component: APIGTW
Resolution
Scopes should only be separated by a ' ' (space); we do not recommend any other separator. The steps below should help:
- Create a test API
- Use ‘OTK SCOPE Issuing’ only
- Configure it with your test values
- Use a ‘Return template assertion’ to return ‘scope.granted’
- Call the API
Do the same with ‘OTK SCOPE Verification’. Doing that avoids any other policy influencing the result.
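Before configuring test values, a scope list can be checked for the pattern described above. This Python check is an added example, not part of the original article or the product; it assumes "overlap" means one scope is a period-delimited prefix of another, as in the myapi / myapi.read example, and the function name and sample strings are constructed.

```python
import re

def audit_scopes(scope_string):
    """Return (bad_separators, overlaps) for a scope list (hypothetical helper).

    bad_separators: separator characters found other than the recommended space.
    overlaps: (short, long, remainder) tuples where `short` is a
              period-delimited prefix of `long`.
    """
    # Anything other than a space between scope names is flagged.
    bad_separators = sorted(set(re.findall(r"[,;\t\n]", scope_string)))

    # Split on the space plus the flagged characters so the overlap
    # check still runs on lists that use a non-recommended separator.
    names = [s for s in re.split(r"[ ,;\t\n]+", scope_string) if s]
    scopes = list(dict.fromkeys(names))  # de-duplicate, keep order

    overlaps = []
    for short in scopes:
        for long in scopes:
            # Assumption: overlap = shared leading part ending at a period.
            if long != short and long.startswith(short + "."):
                overlaps.append((short, long, long[len(short):]))
    return bad_separators, overlaps

if __name__ == "__main__":
    # Constructed sample lists; the first mirrors the article's example.
    for sample in ("myapi myapi.read", "myapi,myapi.read", "orders.read orders.write"):
        seps, pairs = audit_scopes(sample)
        print(repr(sample), "separators:", seps, "overlaps:", pairs)
```

For the article's example, the remainder reported for the overlapping pair is ".read", the same value the article shows after truncation.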