Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2016-12-07

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:35 MegaMatt joined #openam
00:54 MegaMatt joined #openam
06:46 aldaris joined #openam
08:25 aldaris joined #openam
08:46 amphetkid joined #openam
08:47 amphetkid hi
08:47 aldaris hi
08:47 amphetkid i am trying put a PoC for OpenAM together
08:47 asyd morning
08:47 amphetkid and hit a snag, wondering if I can get some guidance quickly
08:47 aldaris as a customer or as a consultant? :)
08:47 asyd :)
08:47 amphetkid as a developer :)
08:47 aldaris you would make a good politician then :)
08:48 aldaris so what's the problem?
08:48 amphetkid i have it working but I can't fathom out how to get employeeNumber to return as a scope
08:48 amphetkid it returns all the other values in the scope selector but not that one
08:48 aldaris which version of AM?
08:49 amphetkid 13.5
08:49 aldaris are we talking about OAuth2 or OIDC?
08:49 amphetkid OIDC
08:49 aldaris so you want employeenumber to be returned as a claim then?
08:49 amphetkid yes :D
08:49 amphetkid for a JWT token
08:50 aldaris can you retrieve the employeenumber via different means?
08:50 aldaris like when using /json/users/foobar
08:50 amphetkid how else is there?
08:51 amphetkid i will try that... give me a sec...
08:55 amphetkid err getting a 401 ... let me have a look what is wrong there
08:55 aldaris did you send a cookie with your request?
08:55 amphetkid a iplanetdirectory header
08:56 aldaris then that should have worked, assuming that you used the correct username
08:56 amphetkid is the foobar case sensitive?
08:56 aldaris depends on the data store
08:57 amphetkid whilst i have a check, should i focus on using openam v13 or v12?
08:57 aldaris why?
08:57 aldaris 13.5 is the latest and greatest and you clearly have a support subscription with us
08:57 amphetkid for ease of use... etc
08:58 aldaris so you could just as well raise a support ticket on backstage.forgerock.com..
08:58 amphetkid :D
08:58 amphetkid ooohh hard sales tactic there
08:58 aldaris I don't need to sell anything, you already have a subscription, otherwise you wouldn't have access to 13.5.0
08:59 aldaris just plain deduction
08:59 amphetkid k... might have to have words with the sysadmin
09:00 amphetkid he just gave me the login creds
09:00 aldaris anyways I would have suggested to check that employeenumber attribute is listed in the data store settings under the LDAP User Attributes option
09:00 amphetkid is there an enterprise trial?
09:01 amphetkid it is listed
09:01 aldaris not that I'm aware of, but hey, I'm not involved with sales, so one never knows :)
09:01 amphetkid sorry 13.0 not 13.5
09:04 amphetkid employeenumber is in ldap user attributes
09:07 aldaris so which grant/flow are you using to obtain the oidc token?
09:08 aldaris I'm just thinking out loud, but it could be that you may need to update the OIDC claims script
09:08 aldaris and update the claimAttributes array with a new entry:
09:09 aldaris "employeenumber": attributeRetriever.curry("employeenumber")
09:09 aldaris but I'm not 100% sure that this is absolutely necessary
09:23 amphetkid grant type is password...
09:23 amphetkid is that what you were asking?
11:25 MegaMatt joined #openam
11:46 aldaris joined #openam
11:46 abyss joined #openam
11:57 amphetkid joined #openam
12:15 aldaris joined #openam
12:44 aldaris joined #openam
13:49 aldaris joined #openam
14:50 aldaris joined #openam
18:33 amphetkid joined #openam
21:53 aldaris joined #openam

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary