0 votes

We're currently working with WSO2 IS server, version 5.7.0. At this time, everything seems to be OK except for one thing.

We activated self-provisioning and we added a "Service provider" with OAuth2 authentication enabled.

It created the role named "Application/myapp".

Then, going to the "authorize" form, we press the "Register now" button and we can create a user. It sends a validation mail, and the user is created.

But the user is not assigned to the Application/myapp role.

Is there something we can do to assign a user role at registration time?

Thanks!

1
Did you configure role-mapping in Identity Provider? – Vithursa M
I tried but it seems that didn't change anything. – Metal3d
Did you try adding claim mapping to map claim coming from identity provider claim URI to Local claim URI? – Vithursa M

1 Answer

0 votes

I think you are confused. The "Register now" button redirects to the self sign-up form. The users created there will be automatically assigned to the 'Internal/selfsignup' role.

There is no link with the created application and the self sign up process. The automatically created application role (Application/myapp) is for a different requirement. The users with that application role can perform the update and delete operations of the application.

Is there something we can do to assign user role at registration time?

No, you can't create a role. If you want to have this functionality, you need to have your own self sign-up for the application and send the user registration request to the IS using SCIM. Here you can find the API definitions. You can use the OAuth tokens to access these APIs.
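
A sketch of the approach this answer describes, as an added example that is not part of the original answer or WSO2's code: a server-side sign-up handler that builds a SCIM 2.0 create-user request, then a group-membership PATCH for a role that is fixed on the server and never taken from the form. The base URL, the `/scim2` paths, the group id, the token and all function names are assumptions for illustration, as is the target role being exposed as a SCIM group in your deployment.

```python
import json
import re
import urllib.request

# Assumptions: base URL and group id are placeholders for your own deployment.
SCIM_BASE = "https://is.example.com:9443/scim2"
SIGNUP_GROUP_ID = "REPLACE-WITH-SCIM-GROUP-ID"
USER_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:User"
PATCH_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:PatchOp"
ALLOWED_FIELDS = {"username", "password", "email"}
USERNAME_RE = re.compile(r"^[A-Za-z0-9._-]{3,30}$")


def _request(method, path, body, token):
    """Build (not send) a SCIM request carrying the OAuth bearer token."""
    return urllib.request.Request(
        SCIM_BASE + path,
        data=json.dumps(body).encode(),
        method=method,
        headers={"Authorization": "Bearer " + token,
                 "Content-Type": "application/json"},
    )


def create_user_request(form, token):
    """POST /Users from a sign-up form; unknown fields are rejected."""
    extra = set(form) - ALLOWED_FIELDS
    if extra:
        # A client must never be able to choose its own roles or groups.
        raise ValueError("unexpected fields: " + ", ".join(sorted(extra)))
    if not USERNAME_RE.match(form["username"]):
        raise ValueError("invalid username")
    body = {
        "schemas": [USER_SCHEMA],
        "userName": form["username"],
        "password": form["password"],
        "emails": [{"value": form["email"], "primary": True}],
    }
    return _request("POST", "/Users", body, token)


def add_to_group_request(user_id, username, token):
    """PATCH /Groups/{id}: add the new user to the server-chosen group."""
    member = {"value": user_id, "display": username}
    body = {
        "schemas": [PATCH_SCHEMA],
        "Operations": [{"op": "add", "value": {"members": [member]}}],
    }
    return _request("PATCH", "/Groups/" + SIGNUP_GROUP_ID, body, token)
```

Send each request with `urllib.request.urlopen` from the sign-up backend only, and pass the `id` returned by the create-user response as `user_id` in the second call.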