OSP Management | 403 error | Receiving 403 error on "Customer overview"

[tfjanjua]

Current Behavior

Request URL: https://example.com/api/administration/registration/network/companies?page=0&size=10 Request Method: GET Status Code: 403 Forbidden

Expected Behavior

There should not be 403 error if a user has OSP role.

Steps To Reproduce

Login to the portal having company role: OSP Navigate to the OSP Management → Onboarding Management Switch to the “customer Overview“ tab

Findings

The API: /api/administration/registration/network/companies has view_submitted_applications role which is already part of 2 other APIs:

1. api/administration/registration/application/{applicationId}/companyDetailsWithAddress
2. api/administration/registration/applications

So, it seems like the API: /api/administration/registration/network/companies has wrong role? @evegufy | @jjeroch, could you please have a look and share your opinion on this. thanks

[ybidois]

@MaximilianHauer could you look into this?

[MaximilianHauer]

Hi , i assume we solved this already with this topic

• https://github.com/eclipse-tractusx/portal-iam/issues/186
• https://github.com/eclipse-tractusx/portal-backend/issues/994
• https://github.com/eclipse-tractusx/portal-frontend/issues/1108

if not please inform us that we can finetune it .