Description:
Consider a cross tenant subscription scenario where we try to consume an API from another tenant (let's say the API is created by tenant A, and the admin of tenant B is trying to consume this said API). Assume we are using the password grant option (i.e. resource owner's username and password as an authorization grant) to obtain an access token. When trying to invoke the API using the obtained access token, a 401 unauthorized response is observed.
Steps to reproduce:
Add the following configuration in the deployment.toml file and restart the server
[1] https://apim.docs.wso2.com/en/latest/design/api-security/oauth2/grant-types/password-grant/#invoking-the-token-api-to-generate-tokens
Affected Product Version:
4.0.0