IAM treats the OAuth 2.0 Implicit Grant as identity propagation.
Thus, an Identity propagator in a target application has to be configured:
- In the Loginapp "Application Settings", create an Identity Propagator Target Application:
- URL Pattern:
- Application Entry URLs:
- Add an "OAuth 2.0 Implicit Grant Identity Propagator" as "Identity Propagator":
- Client ID: clientId
- Redirect URL:
- Authorization Server Settings: use the default
- Resource Endpoint: use the default
- Select "Show User Confirm Page"
(remember to escape dots in host names)
https://this\.is\.your\.redirect\.url/
(remember to escape dots in host names)
https://this\.is\.your\.redirect\.url/
https://this\.is\.your\.redirect\.url/
OAuth Scopes and IAM Roles
The user must have the roles "customer" and "employee" for this to work as depicted. For more details, see OAuth 2.0 Scopes .