hi
Your problem is not related to the permissions but
access_token
Did not match: validationParameters.ValidAudience: 'AccountService' or validationParameters.ValidAudiences: 'null'.
Audience validation failed. Audiences: 'IdentityService, AdministrationService, SaasService, EmployeeService, IncidentService, AttachmentService, ObservationsService, ActionService, UserTaskService, HSEPlansService, NCRService, CustomerService, InspectionService, Forms, FileManagement, AuthServer, RMService, TMService, PTWService'.
Hi didnt get what exactly you mean too, can you please explain in much detail and let us know the probable fix./change
hi
Please share the HTTP request info of this error, then I will send your source code.
{ "code": "Volo.Account:RequirePermissionToImpersonateUser", "message": "Require AbpIdentity.Users permission to impersonate user!" }
Please find the further details shared over ur email, due to length constraint I shared over email
hi
I can share the source code of the
Impersonate
classes.You can debug it in your local.
Send the class name to liming.ma@volosoft.com
I just emailed
hi
Can you share a project?
liming.ma@volosoft.com
do u want just Auth server one or entire, becoz our is very big one with mutiple micro services so sharing may not be possible.
It's weird.
Can you debug the app and inject the
IOptions<AbpAccountOptions
to see its values?
ok will check and update u
hi
The log says : Require
AbpIdentity.Users
permission to impersonate user!",What's your
ImpersonationUserPermission
value?Eg:
context.Services.Configure<AbpAccountOptions>(options => { //For impersonation in Saas module options.TenantAdminUserName = "admin"; options.ImpersonationTenantPermission = SaasHostPermissions.Tenants.Impersonation; //For impersonation in Identity module options.ImpersonationUserPermission = IdentityPermissions.Users.Impersonation; });
we are using the below
and added below as well in auth server
hi
IDX10214: Audience validation failed. A Audiences: 'IdentityService, AdministrationService, SaasService, EmployeeService, IncidentService, AttachmentService, ObservationsService, ActionService, UserTaskService, HSEPlansService, NCRService, CustomerService, InspectionService, Forms, FileManagement, AuthServer, RMService, TMService, PTWService'.
Did not match: validationParameters.ValidAudience: 'AccountService' or validationParameters.ValidAudiences: 'null'.
Your
access_token
seems to be missing theAccountService
audience.
Aftering doing the suggisted change
we are getting the below issues for our services
PermissionRequirement: EmployeeService.Employees.Create
2024-01-22 12:58:41.151 +05:30 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: EmployeeService.Employees.Create
2024-01-22 12:58:41.174 +05:30 [WRN] Could not find the localization resource LeptonX on the remote server!
2024-01-22 12:58:41.178 +05:30 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: EmployeeService.Employees.Create
2024-01-22 12:58:41.206 +05:30 [WRN] Could not find the localization resource LeptonX on the remote server!
2024-01-22 12:58:41.207 +05:30 [WRN] Could not find the localization resource LeptonX on the remote server!
2024-01-22 12:58:41.208 +05:30 [WRN] Could not find the localization resource LeptonX on the remote server!
2024-01-22 12:58:41.208 +05:30 [WRN] Could not find the localization resource LeptonX on the remote server!
2024-01-22 12:58:41.208 +05:30 [WRN] Could not find the localization resource LeptonX on the remote server!
2024-01-22 12:58:41.208 +05:30 [WRN] Could not find the localization resource LeptonX on the remote server!
2024-01-22 12:58:41.211 +05:30 [WRN] Could not find the localization resource LeptonX on the remote server!
2024-01-22 12:58:42.601 +05:30 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: ObservationsService.Observations
2024-01-22 12:58:42.601 +05:30 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: IncidentService.IncidentManagements
2024-01-22 12:58:42.601 +05:30 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: InspectionService.AuditsManagements
2024-01-22 12:58:42.602 +05:30 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: InspectionService.InspectionManagements
Still we proceeded and tried the same but getting the below error as well
{ "code": "Volo.Account:RequirePermissionToImpersonateUser", "message": "Require AbpIdentity.Users permission to impersonate user!", "details": null, "data": { "PermissionName": "AbpIdentity.Users" }, "validationErrors": null }
My first question is this functionality and steps valid for ABP7?