Closed
Labels
- area/account/api
- kind/bug (Categorizes a PR related to a bug)
- priority/important (Must be worked on very soon)
- release/26.1.0
- team/core-iam
- team/core-shared
Description
Before reporting an issue
- I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.
Area
account/api
Describe the bug
Trying to request additional scopes when authenticating to the account console does not grant the requested scopes. This is a regression introduced by #32686.
After the user is successfully authenticated and redirected back to the account console for the very first time, the user is redirected back to the server because it is the first time accessing the account console. At this point, the authorization request does not contain any `scope` parameter, and the scopes previously requested are ignored.
[1] #32686
Version
999-SNAPSHOT
Regression
- The issue is a regression
Expected behavior
Any scope requested when changing the `scope` parameter when at the login page needs to be granted.
Actual behavior
Any scope requested when changing the `scope` parameter at the login page is not granted.
How to Reproduce?
- Reach the account console at `http://localhost:8180/realms/{realm}/account/`
- At the login page, add/set the `scope` parameter to `phone` to request this scope
- Authenticate
- Check if the token issued by the server holds the `phone` scope
Anything else?
No response
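
One way to script the final check of the reproduction, as an added example that is not part of the original issue or of Keycloak's code: it compares the scopes in the first authorization request with those in the follow-up request and with the `scope` claim of the issued token. The realm name `demo`, the sample URLs and the unsigned tokens are constructed for illustration.

```python
import base64
import json
from urllib.parse import parse_qs, urlsplit

# Constructed sample data: realm "demo", URLs and unsigned tokens are illustrative.
AUTH = "http://localhost:8180/realms/demo/protocol/openid-connect/auth"
FIRST_REQUEST = AUTH + "?client_id=account-console&response_type=code&scope=openid+phone"
SECOND_REQUEST = AUTH + "?client_id=account-console&response_type=code"


def _b64url_decode(segment):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def requested_scopes(auth_url):
    # scope is a space-delimited list; an absent parameter means nothing was requested.
    values = parse_qs(urlsplit(auth_url).query).get("scope", [])
    return set(" ".join(values).split())


def granted_scopes(token):
    # Reads the payload for inspection only; the signature is not verified here.
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    claims = json.loads(_b64url_decode(parts[1]))
    return set(claims.get("scope", "").split())


def dropped_on_redirect(first_url, second_url):
    # Scopes present in the first authorization request but lost in the follow-up one.
    return requested_scopes(first_url) - requested_scopes(second_url)


def missing_scopes(first_url, token):
    # Scopes the user asked for at the login page that the issued token does not hold.
    return requested_scopes(first_url) - granted_scopes(token)


def make_sample_token(scope):
    # Builds an unsigned token with only a scope claim, for offline testing.
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc({"scope": scope}), "sig"])


if __name__ == "__main__":
    print("dropped:", sorted(dropped_on_redirect(FIRST_REQUEST, SECOND_REQUEST)))
    print("missing:", sorted(missing_scopes(FIRST_REQUEST, make_sample_token("openid profile email"))))
```

An empty result from `missing_scopes` corresponds to the expected behavior; a non-empty one corresponds to the actual behavior reported here.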