Scim2/Me POST and DELETE endpoint scopes are not configurable with new model

[AnuradhaSK]

Describe the issue:

In the previous resource access control model, scim2/Me API's POST and DELETE endpoint's scope and permissions could be configurable.

• https://github.com/wso2/carbon-identity-framework/blame/1ef5f3a7010836d1099f54220eced0864d4679bd/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/identity.xml.j2#L2687
• https://github.com/wso2/carbon-identity-framework/blame/1ef5f3a7010836d1099f54220eced0864d4679bd/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/identity.xml.j2#L2711

In the new model, they are not configurable. using the default values we have defined previously as well.

• https://github.com/wso2/carbon-identity-framework/blob/1ef5f3a7010836d1099f54220eced0864d4679bd/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/resource-access-control-v2.xml#L473
• https://github.com/wso2/carbon-identity-framework/blob/1ef5f3a7010836d1099f54220eced0864d4679bd/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/resource-access-control-v2.xml#L482

If these APIs are not protected with internal_login, API needs to be auhtorized to applications to consume by the app. But scim2/Me endpoint is not available to do so. Further, the given scopes to protect scim2/Me endpoint are related to scim2/Users endpoint. If we are stick into a decision of going forward with default scope, the document should update to which API should be authorized from an Application to consume scim2/Me POST and DELETE

[SujanSanjula96]

This is partially fixed with https://github.com/wso2/product-is/issues/18990 issue regarding the templating of the scopes.