By: Mohamad Taheri user 08 Jul 2016 at 10:23 a.m. CDT

2 Responses
Mohamad Taheri gravatar
Hi. I use this configuration but I faced with unauthorized page when request /dynamic/. I want to valid users with specific scopes access to my resource. <code> OIDCMetadataDir /var/cache/apache2/mod_auth_openidc/metadata/ttt/ OIDCProviderIssuer https://accounts.borvelt-tech.loc OIDCProviderTokenEndpointAuth client_secret_basic OIDCClientName "TTT" OIDCClientSecret secret OIDCRedirectURI https://ttt.borvelt-tech.loc:3443/redirect_uri OIDCCryptoPassphrase secret OIDCSSLValidateServer Off OIDCScope "openid user_name profile" OIDCOAuthRemoteUserClaim scope </code> <Location /> AuthType openid-connect Require valid-user </Location> <Location /dynamic> AuthType oauth20 Require claim scope~\bprofile\b </Location>

By Michael Schwartz Account Admin 08 Jul 2016 at 10:48 a.m. CDT

Michael Schwartz gravatar
user claims != oauth2 scopes If user claims are sufficient, then this could be a good strategy. In order to troubleshoot, you'll have to include the log information from oxauth and ldap as to what happens. Also, make sure you read the [Ubuntu howto on mod_auth_openidc](https://gluu.org/docs/integrate/ubuntu-installation/) or [Centos howto on mod_auth_openidc]([Ubuntu howto on mod_auth_openidc](https://gluu.org/docs/integrate/centos-installation/))

By Mohamad Taheri user 08 Jul 2016 at 10:50 a.m. CDT

Mohamad Taheri gravatar
Thanks.