Unable to call a NodeJS API service with a token obtained from a secured SSO server

Solution Unverified

Issue

  • When calling the NodeJS service API, I'm getting a 403 Forbidden error:
curl -v -w '\n' -X GET http://localhost:8080/securePing -H "Authorization: Bearer $access_token"
Note: Unnecessary use of -X or --request, GET is already inferred.
*   Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 8080 (#0)
> GET /securePing HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.64.1
> Accept: */*
> Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA.................EvMPkYWXkczJCDA
>
< HTTP/1.1 403 Forbidden
< X-Powered-By: Express
< Access-Control-Allow-Origin: *
< Set-Cookie: connect.sid=s%3ALz9fVmH......h8.tfeQzc7%2BfF9l%2BeBFye.....wJhmopU; Path=/; HttpOnly
< Date: Wed, 22 Apr 2020 18:10:11 GMT
< Connection: keep-alive
< Transfer-Encoding: chunked
<
* Connection #0 to host localhost left intact
Access denied
* Closing connection 0

Environment

  • Red Hat Single Sign-On (RH-SSO)
    • 7
  • Frontend Public Client
  • NodeJS server as the backend API service
  • RH-SSO server enabled with SSL/TLS
  • Obtaining a token for the Frontend Public Client and calling the NodeJS API service with it:
access_token=$(curl -k -X POST \
https://secure-sso.apps.my-example-cluster.example.com/auth/realms/Example_Realm/protocol/openid-connect/token \
-H 'content-type: application/x-www-form-urlencoded' \
-d 'username=xxxx' \
-d 'password=xxxxxxxx' \
-d 'grant_type=password' \
-d 'client_id=frontendexampleclient' \
-d 'scope=openid' | jq --raw-output '.access_token')
