APICreator user not able to login to WSO2 API Publisher 3.1.0

0
votes

I followed one of the tutorials and created a new role named apicreator under primary domain in WSO2 APIM management console 3.1.0 and assigned the below permissions.

● Configure > Governance and all underlying permission

● Login

● Manage > API > Create

● Manage > Resources > Govern and all underlying permissions.

Then, created a new user named apicreator and assigned him the role apicreator that i created before.

But when i try to login to API Publisher 3.1.0 with the user apicreator it fails with the below error.

enter image description here

But, if i assign the role Internal/creator role to the user apicreator, he is able to login successfully. As per the tutorial i felt the role that i created (apicreator) should be allowed to login into API Publisher. But, it's not working. Are some other permissions need to be assigned to the role "apicreator"? Need suggestions on this issue.

2
wso2wso2-am
Did you add the relevant scope mappings as mentioned in apim.docs.wso2.com/en/latest/administer/… ? If you have done that, try deleting the earlier user and create a new one using the updated role.RrR-

2 Answers

0
votes

Thanks for the suggestions Rakihtha. This scope mapping thing wasn't given in the tutorial. I did the necessary scope mappings now and added apicreator role under the required scopes as seen below.

enter image description here

Deleted the existing user, created a new user and assigned the apicreator role to it. Now this new user is able to login to the Publisher, but the APIs' aren't coming up and the page keeps loading as seen below.

enter image description here

And, in the WSO2 APIM terminal, i can see an error log as: ERROR - WebAppAuthenticatorImpl You cannot access API as scope validation failed.

Am i still missing on something?

0
votes

Appreciate your help Rakihtha, I just added the role mappings in admin portal as shown below and the issue is resolved now. The user apicreator is able to login to API Publisher. But i am facing another issue now. When trying to add a new resource in an existing API and trying to save i am getting an error - User doesn't have permission for update. What other permissions are to be given to the apicreator role in order that the user apicreator(who is assigned the role apicreator) can update an API?

Below are the role mappings i added in APIM admin portal. I have also mapped the admin role with apicreator thinking that will allow the user with apicreator role to update an API.

enter image description here

enter image description here

I have also added the API-M Admin permission for the apicreator role as seen below.

enter image description here