Error invalid_scope when requesting access token after upgrading from 7.2.2 to 7.6.1
Issue
Up until 7.2.2 release of the RH-SSO, when the client application requested a new access token to the token endpoint, the scopes were informed in the request body in the "scope" field, as defined in the OAuth spec, and the response from RH-SSO was a JSON containing the JWT access token having the resquested scope listed at the "realm_access.roles" field.
After upgrading from RH-SSO to 7.6.1, when the same request is made, the response from the RH-SSO server is a bad request, containing the error "invalid_scope" in the JSON body.
Environment
- Red Hat Single SignOn
- 7.2
- 7.6
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.