When integrating Red Hat Single Sign-On (RH SSO) with an external API Management solution, an "insufficient_scope" error is returned.

Solution Verified - Updated -

Issue

When we create a new application in the devportal (API Manager) and generate a key, it gives an error and that in the apimportal logs we get this:

Caused by: feign.FeignException $ Forbidden: [403 Forbidden] during [POST] to [https://<RH SSO>/auth/realms/<REALM>/clients-registrations/openid-connect] [DCRClient # createApplication (ClientInfo) ]: [{"error": "insufficient_scope", "error_description": "Forbidden"}]

Environment

  • Red Hat Single Sign-On (RH SSO)
    • 7.X

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content