Errors in password and username validations during tenant creation #22411

Open
pamodaaw opened this issue Jan 24, 2025 · 0 comments

Description

Issue 1

The password policies are not validated for the admin's password when creating a tenant using the API and the Legacy Management Console. But the password policies are validated when updating the password.

In the Console, validations are applied when creating and updating tenants.

Ideally, the policies should be validated from the core level as well.

Issue 2

There is no username validation during tenant creation using the API. But when trying to update the same tenant from the console, the username validation will fail, but that field is not modifiable.

Steps to Reproduce

Issue 1:

  • Create a tenant using the API request. There are no validations for the password.
curl -X 'POST' \
'https://localhost:9443/api/server/v1/tenants' \
-H 'accept: */*' \
-H 'Authorization: Basic YWRtaW46YWRtaW4=' \
-H 'Content-Type: application/json' \
-d '{
"domain": "wso2.com",
"owners": [
  {
    "username": "kim",
    "password": "kim123",
    "email": "[email protected]",
    "firstname": "kim",
    "lastname": "kim",
    "provisioningMethod": "inline-password",
    "additionalClaims": [
      {
        "claim": "http://wso2.org/claims/telephone",
        "value": "+94 562 8723"
      }
    ]
  }
]
}'  
  • Try to update the password of tenant admin using the API
curl --location --request PUT 'https://localhost:9443/api/server/v1/tenants/6a957d6f-d669-4b97-9a07-d0ba4cdaf5a7/owners/d0544b7f-ad94-4f52-a657-fb568003165d' \
--header 'Authorization: Basic YWRtaW46YWRtaW4=' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data-raw '{"email":"[email protected]","firstname":"kim","lastname":"kim","password":"Pam"}'

The API will return the following response.

{
    "code": "TM-65010",
    "message": "Unable to update the tenant owner.",
    "description": "Error in changing the tenant admin password for tenant domain: kim3.com. INM-60006:The minimum length of password should be 8.",
    "traceId": "c33ab790-8731-42c4-9504-3ec30a191b7b"
}
  • If the same tenant is updated from the UI, the username will be validated.

Version

wso2is-7.1.0-m8

Environment Details (with versions)

No response
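
Added example, not part of the original issue and not WSO2 Identity Server code: a minimal model of the inconsistency reported in Issue 1, with a regression check that flags any password on which tenant creation and owner update disagree. The class and function names, the tenant domains and the long sample password are constructed assumptions; the minimum length of 8 comes from the INM-60006 message quoted above.

```python
# Added illustration: names are hypothetical, not WSO2 Identity Server code.
MIN_PASSWORD_LENGTH = 8  # taken from the INM-60006 message quoted in the issue


class PolicyViolation(ValueError):
    """Raised when a credential breaks the configured policy."""


def validate_password(password):
    # Single policy check intended to be shared by every write path.
    if len(password) < MIN_PASSWORD_LENGTH:
        raise PolicyViolation(
            f"The minimum length of password should be {MIN_PASSWORD_LENGTH}.")


class TenantCore:
    """Core layer through which the API and every console write owner data."""

    def __init__(self, validate_on_create):
        # validate_on_create=False models the behaviour reported in Issue 1.
        self.validate_on_create = validate_on_create
        self.owners = {}  # tenant domain -> owner username

    def create_tenant(self, domain, username, password):
        if self.validate_on_create:
            validate_password(password)
        self.owners[domain] = username

    def update_owner_password(self, domain, password):
        validate_password(password)  # the update path validates in both models
        if domain not in self.owners:
            raise KeyError(domain)


def accepted(action, *args):
    """True if the write went through, False if the policy rejected it."""
    try:
        action(*args)
        return True
    except PolicyViolation:
        return False


def inconsistent_passwords(core, candidates):
    """Passwords for which tenant creation and owner update disagree."""
    mismatches = []
    for i, pw in enumerate(candidates):
        domain = f"tenant{i}.example"  # constructed domains
        core.owners[domain] = "seed"  # pre-seed so update is testable on its own
        on_update = accepted(core.update_owner_password, domain, pw)
        on_create = accepted(core.create_tenant, domain, "kim", pw)
        if on_create != on_update:
            mismatches.append(pw)
    return mismatches
```

With `validate_on_create=False` the check reports the two short passwords from the reproduction steps; with validation in the core create path it reports none.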
