Oracle Access Manager (OAM) Group Membership Information From OAuth using /ms_oauth/resources/userprofile/me Endpoint result in HTTP 404
(Doc ID 2271408.1)
Last updated on SEPTEMBER 08, 2023
Applies to:
Oracle Access Manager - Version 11.1.2.3.170117 and laterInformation in this document applies to any platform.
Symptoms
memberOf endpoint can be accessed using "http(s)://:/.../idX/memberOf" where idX is the entity ID, but is not working as expected, results in HTTP-404
- Following ...
Fusion Middleware Administrator's Guide for Oracle Access Management, 53.3 Configuring OAuth Services Settings, 53.3.6 Configuring User Profile Services, 53.3.6.3 User Profile Services Configuration Page
Steps to Reproduce
- Get token
Background
- Requirement is to get the user's group membership (memberOf attribute) by passing the access token.
- Can get the user profile using /ms_oauth/resources/userprofile/me by passing the access token.
- But not able to get the group membership using /ms_oauth/resources/userprofile/me/memberOf/
- The only way to get the group detail is using /ms_oauth/resources/userprofile/users/S5091128D/memberOf, but have to provide access to the scope UserProfile.users to the user. Allowing scope UserProfile.users will allow full directory access.
- How to Return Group Membership Information From OAuth /ms_oauth/resources/userprofile/me Using OAM 11.1.2.3 (Doc ID 2250864.1), suggest to use /oic_rest/rest/userprofile but this endpoint is unprotected, one can access this endpoint without an access token.
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |