Use scopes in API Manager for the users in user-stores with no group.
This is a short article of using scopes for API access limit for the users who are in user stores with no groups.
Roles which are used in WSO2 APIM, get mapped with the “group” in user stores. When we add scopes, we assign the scope to roles.
Suppose in your user store, you do not have the groups to map roles with. But still you want to use scope to limit the access to APIs/ API resources. So how can you use scopes with the user in those user stores with no groups.
The easiest way to do is using internal roles. Internal roles are maintained by the carbon server and they do not get mapped with the groups in user stores. Because of this, internal roles can be assigned across any primary or secondary user stores.
So create an internal role based on your need and assign those roles to the users via management console.
Voila.! You can use those role when creating scopes for the APIs.
Please find the additional documents which would be useful when creating user roles and creating scopes.
[1] Creating roles
[2] Scope overview
Happy learning..!
