OTK Scopes with Overlapping Parts May Get Truncated
Article ID: 92791
CA Rapid App Security
CA API Gateway
When you have a list of OTK scopes separated by a period, with parts that overlap, a scope may get truncated. For example, with the scopes myapi and myapi.read, myapi.read gets truncated to ".read".
Scopes should only be separated by a space (' '); we do not recommend anything else. The steps below should help:
- Create a test API
- Use ‘OTK SCOPE Issuing’ only
- Configure it with your test values
- Use a ‘Return template assertion’ to return ‘scope.granted’
- Call the API
Do the same with ‘OTK SCOPE Verification’. Doing that avoids any other policy influencing the result.
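To check the `scope.granted` value returned by the test API, the following added example (not CA/Broadcom code) flags overlapping scope names and granted tokens that look like truncated remnants such as ".read". The function names and sample values are constructed for illustration, and it assumes space-separated scope strings.

```python
"""Check OTK scope lists for overlapping names and truncated grants."""


def split_scopes(value):
    # Scopes are expected to be separated by a space; split() also
    # tolerates repeated whitespace.
    return value.split()


def find_overlaps(configured):
    """Return (shorter, longer) pairs where longer == shorter + '.' + rest."""
    scopes = sorted(set(split_scopes(configured)))
    return [(a, b) for a in scopes for b in scopes
            if a != b and b.startswith(a + ".")]


def find_truncated(requested, granted):
    """Return (granted_token, original_scope) pairs where a granted token is
    not a requested scope but is a proper suffix of one, e.g. '.read'."""
    req = split_scopes(requested)
    hits = []
    for token in split_scopes(granted):
        if token in req:
            continue  # granted exactly as requested
        for scope in req:
            if scope != token and scope.endswith(token):
                hits.append((token, scope))
                break
    return hits


if __name__ == "__main__":
    # Constructed sample values modelled on the article's example.
    requested = "myapi myapi.read"
    granted = "myapi .read"   # what a truncated scope.granted could look like
    print("overlapping:", find_overlaps(requested))
    print("truncated:  ", find_truncated(requested, granted))
```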