Bug #12408
open
"hide:ui" Scopes Being Returned for First Login in Sub-Tenant Activation.
0%
Description
The hide:ui scopes are incorrectly returned during the first login of a sub-tenant user. When a sub-tenant is created, scopes are registered as part of the activation process(When the first user login to the tenant).
If a scope in mdm-ui-config hasn’t been registered with the API Publisher at this stage, it gets included in the token scope set for the first login user. Basically, if a scope is not registered in the API Publisher but exists in mdm-ui-config, those scopes are returned as part of the token scope set for any user. This results in the hide:ui scopes being returned unexpectedly, causing the sidebar menu items to be hidden for the first login user. The issue can be resolved after the user logs out and logs back in. And after that, only the assigned scopes are returned as expected.
- We need to raise this issue with WSO2 to ensure, preventing unregistered scopes from being included in the token scope set.
Updated by Rajitha Kumara 2 months ago
- Status changed from New to On hold
- Assignee set to Nipuni Kavindya
Updated by Arshana Atapattu about 2 months ago
- Project changed from product-uem 7.0.0 GA to product-uem 6.4.0 GA