4
votes

I have created a tenant 'A' in WSO2 IS and added my LDAP user store to it. In tenant 'A', I have configured a 'test' service provider with OAuth2 as inbound authentication. As of now, I can successfully authenticate all the users in the store with the OAuth2 service provider configuration.

But I could not find any configuration to restrict users from authenticating against the service provider 'A'.

I have searched a lot but could not find any documentation for it. I need help sorting out this issue.

Do we need to map our service provider role and local role somewhere?

1
"But I could not find any configuration to restrict users from authenticating against the service provider 'A'." Are you referring to tenant 'A'? – Gayan

1 Answer

2
votes

This feature is not currently supported by WSO2 Identity Server. We will add this to future releases. User permissions are not checked for authentication; rather, the service provider's role is used for this purpose.

This could be achieved with the support of extension points, which depends entirely on the use case and grant type.