Open macmiranda opened 6 months ago
Hi @macmiranda,
Thanks for letting us know about this issue. I have been trying to replicate this in relation to the other issue you mentioned.
To properly replicate this issue, would you be able to share the grant string for your scopes that was causing the Boundary API to response with a 500?
Hi @cameronperera
To reproduce:
(this is intentional. I don't want unauthenticated users to be able to see which scopes exist under the Global one. Since my auth method is global, users are able to authenticate themselves and then have access to other scopes)
export BOUNDARY_ADDR=http://localhost:9200
boundary scopes list -recursive
Error from controller when performing list on scopes
Error information: Kind: Internal Message: output fields not found when building scope proto Status: 500 context: Error from controller when performing list on scopes
but without `-recursive`
boundary scopes list
Scope information: ID: o_1234567890 Name: Generated org scope Description: Provides an initial org scope in Boundary Authorized Actions: no-op
Another issue has been created in the main Boundary repo that I think is related to the
recursive
parameter inscopesCheck
below https://github.com/hashicorp/boundary-ui/blob/0902e42cb05ecbab9bd6549eba1f705c17541541/ui/desktop/app/routes/scopes.js#L26When
recursive
istrue
, at least one of your orgs must allow unauthenticated scopes list, otherwise the Boundary API will respond with a 500 status code, which makes the check fail and Boundary Desktop show the modal (thinking that it's actually talking to an older version of the API).Originally posted by @macmiranda in https://github.com/hashicorp/boundary/issues/4370#issuecomment-1999332273