Large header issue in request
Arnab Dutta edited this page Jan 30, 2025 · 2 revisions
Please see the description of the GitHub issue: https://github.com/GluuFederation/flex/issues/1398

Explanation: Consider the `GET` request below, where too many scopes are queried from config-api based on their INUMs.
https://admin-ui.gluu.info/jans-config-api/api/v1/scopes?limit=100&pattern=1800.01.75%2C1800.01.76%2C1800.01.77%2C1800.01.78%2C1800.01.71%2C1800.01.72%2C1800.01.73%2C1800.01.74%2C1800.01.79%2C1800.01.067%2C1800.01.80%2C1800.01.81%2C1800.01.64%2C1800.03.1%2C1800.01.65%2C1800.01.66%2C1800.03.3%2C1800.01.67%2C1800.03.2%2C1800.01.60%2C1800.01.61%2C1800.01.62%2C1800.01.63%2C1800.01.68%2C1800.01.69%2C1800.01.70%2C1800.03.5%2C1800.03.4%2C1800.03.7%2C1800.03.6%2C1800.01.10%2C1800.01.11%2C1800.01.12%2C1800.01.17%2C1800.01.18%2C1800.01.19%2C1800.01.13%2C1800.01.14%2C1800.01.15%2C1800.01.16%2C1800.01.86%2C1800.02.2%2C1800.01.87%2C1800.02.1%2C1800.01.88%2C1800.02.4%2C1800.01.89%2C1800.02.3%2C1800.01.82%2C1800.01.83%2C1800.01.84%2C1800.01.85%2C1800.01.90%2C1800.01.91%2C1800.01.92%2C1800.02.6%2C1800.02.5%2C1800.01.31%2C1800.01.32%2C1800.01.33%2C1800.01.34%2C1800.01.30%2C1800.01.39%2C1800.01.35%2C1800.01.36%2C1800.01.37%2C1800.01.38%2C1800.01.3%2C1800.01.20%2C1800.04.14%2C1800.01.21%2C1800.01.2%2C1800.01.22%2C1800.01.5%2C1800.04.12%2C1800.01.23%2C1800.01.4%2C1800.04.13%2C1800.04.10%2C1800.04.11%2C1800.01.1%2C1800.01.28%2C1800.01.29%2C1800.01.24%2C1800.01.25%2C1800.01.26%2C1800.01.27%2C1800.01.7%2C1800.01.6%2C1800.01.9%2C1800.01.8%2C1800.01.53%2C1800.01.54%2C1800.01.55%2C1800.01.56%2C1800.01.50%2C1800.01.51%2C1800.01.52%2C1800.01.57%2C1800.01.58%2C1800.01.59%2C1800.01.42%2C1800.01.43%2C1800.01.44%2C1800.04.2%2C1800.01.45%2C1800.04.1%2C1800.01.40%2C1800.01.41%2C1800.01.46%2C1800.01.47%2C1800.01.49%2C1800.04.8%2C1800.04.7%2C1800.04.9%2C1800.04.4%2C1800.04.3%2C1800.04.6%2C1800.04.5%2CC4F7%2C1200.67890B%2C1200.9A43C1
- In the Admin UI, if the authorization token for such queries is in JWT format, the request can fail with `Request Header Fields Too Large`. This happens because the token's payload may contain many permissions (depending on their mapping to roles), which makes the token excessively long. To shorten the authorization token, we decided to use a reference token instead of a JWT.

Example of permissions present in the token's payload:
"scopes": [
"https://jans.io/oauth/config/jwks.delete",
"https://jans.io/oauth/jans-auth-server/session.readonly",
"https://jans.io/oauth/jans-auth-server/config/adminui/webhook.readonly",
"https://jans.io/oauth/config/scopes.readonly",
"https://jans.io/oauth/config/saml.write",
"https://jans.io/oauth/lock/health.readonly",
"https://jans.io/oauth/jans-auth-server/config/adminui/webhook.delete",
"https://jans.io/auth/ssa.developer",
"https://jans.io/oauth/config/saml-config.readonly",
"https://jans.io/oauth/config/agama-repo.readonly",
"https://jans.io/oauth/config/smtp.delete",
"https://jans.io/oauth/config/cache.readonly",
"https://jans.io/oauth/config/saml-scope.write",
"readonly",
"https://jans.io/oauth/config/user.readonly",
"https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.readonly",
"https://jans.io/oauth/lock/audit.readonly",
"https://jans.io/oauth/config/acrs.write",
"https://jans.io/scim/fido2.read",
"https://jans.io/oauth/config/token.readonly",
"https://jans.io/oauth/config/message.readonly",
"https://jans.io/oauth/lock-config.write",
"https://jans.io/oauth/config/uma/resources.readonly",
"https://jans.io/oauth/jans-auth-server/config/properties.write",
"https://jans.io/oauth/config/fido2.write",
"https://jans.io/idp/config.readonly",
"https://jans.io/scim/groups.read",
"https://jans.io/oauth/jans-auth-server/config/adminui/user/role.delete",
"https://jans.io/oauth/lock/log.readonly",
"https://jans.io/oauth/config/jwks.write",
"jans_stat",
"https://jans.io/idp/saml.readonly",
"https://jans.io/oauth/jans-auth-server/config/properties.readonly",
"https://jans.io/oauth/config/jans_asset-delete",
"https://jans.io/scim/groups.write",
"https://jans.io/oauth/jans-auth-server/config/adminui/license.write",
"https://jans.io/oauth/config/properties.write",
"https://jans.io/oauth/config/fido2.delete",
"https://jans.io/idp/saml.write",
"https://jans.io/oauth/config/saml-scope.readonly",
"https://jans.io/scim/fido2.write",
"https://jans.io/oauth/config/scripts.readonly",
"https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly",
"https://jans.io/oauth/jans-auth-server/config/adminui/properties.readonly",
"https://jans.io/oauth/config/acrs.delete",
"https://jans.io/oauth/client/authorizations.readonly",
"https://jans.io/oauth/jans-auth-server/config/adminui/license.readonly",
"https://jans.io/oauth/config/jans_asset-read",
"https://jans.io/oauth/config/logging.readonly",
"https://jans.io/oauth/config/jans_asset-write",
"https://jans.io/oauth/lock/telemetry.write",
"https://jans.io/oauth/config/plugin.readonly",
"https://jans.io/oauth/lock/telemetry.readonly",
"https://jans.io/oauth/config/stats.readonly",
"https://jans.io/oauth/config/user.write",
"https://jans.io/oauth/config/agama.readonly",
"https://jans.io/oauth/config/openid/clients.readonly",
"https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write",
"https://jans.io/oauth/jans-auth-server/config/adminui/webhook.write",
"https://jans.io/oauth/config/agama.write",
"https://jans.io/oauth/lock/health.write",
"https://jans.io/oauth/config/logging.write",
"https://jans.io/oauth/config/database/sql.write",
"https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.write",
"https://jans.io/oauth/config/scopes.write",
"https://jans.io/oauth/config/openid/clients.write",
"https://jans.io/scim/fido.read",
"https://jans.io/scim/fido.write",
"https://jans.io/oauth/lock-config.readonly",
"https://jans.io/oauth/config/organization.write",
"https://jans.io/oauth/config/database/ldap.delete",
"https://jans.io/oauth/config/jans-link.readonly",
"https://jans.io/oauth/config/database/sql.readonly",
"https://jans.io/oauth/config/openid/clients.delete",
"https://jans.io/idp/saml.delete",
"https://jans.io/idp/realm.write",
"https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.delete",
"https://jans.io/auth/ssa.admin",
"https://jans.io/scim/config.readonly",
"https://jans.io/oauth/config/token.write",
"https://jans.io/oauth/config/jans-link.write",
"https://jans.io/oauth/config/app-version.readonly",
"https://jans.io/oauth/config/scripts.delete",
"https://jans.io/oauth/config/uma/resources.delete",
"https://jans.io/scim/users.read",
"https://jans.io/oauth/config/message.write",
"https://jans.io/oauth/config/fido2.readonly",
"https://jans.io/auth/ssa.portal",
"https://jans.io/oauth/jans-auth-server/config/adminui/logging.write",
"https://jans.io/oauth/config/user.delete",
"https://jans.io/oauth/kc-link-config.write",
"https://jans.io/oauth/config/token.delete",
"https://jans.io/oauth/lock/audit.write",
"https://jans.io/oauth/config/database/ldap.readonly",
"https://jans.io/oauth/jans-auth-server/config/adminui/properties.write",
"https://jans.io/oauth/config/cache.write",
"https://jans.io/scim/all-resources.search",
"https://jans.io/oauth/config/attributes.readonly",
"https://jans.io/oauth/config/smtp.readonly",
"https://jans.io/scim/users.write",
"revoke_session",
"https://jans.io/oauth/config/data.readonly",
"https://jans.io/oauth/config/agama.delete",
"https://jans.io/idp/config.write",
"https://jans.io/oauth/config/uma/resources.write",
"https://jans.io/oauth/config/saml.readonly",
"https://jans.io/oauth/config/organization.readonly",
"https://jans.io/oauth/lock/log.write",
"https://jans.io/oauth/config/attributes.delete",
"https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.write",
"https://jans.io/oauth/config/properties.readonly",
"https://jans.io/oauth/config/jwks.readonly",
"https://jans.io/oauth/config/scopes.delete",
"https://jans.io/oauth/config/scripts.write",
"https://jans.io/oauth/config/database/ldap.write",
"https://jans.io/scim/config.write",
"https://jans.io/oauth/jans-auth-server/session.delete",
"https://jans.io/oauth/client/authorizations.delete",
"https://jans.io/oauth/config/acrs.readonly",
"https://jans.io/scim/bulk",
"https://jans.io/idp/realm.readonly",
"https://jans.io/oauth/jans-auth-server/config/adminui/user/rolePermissionMapping.delete",
"https://jans.io/oauth/config/saml-config.write",
"https://jans.io/oauth/config/smtp.write",
"https://jans.io/oauth/jans-auth-server/config/adminui/user/permission.readonly",
"https://jans.io/oauth/kc-link-config.readonly",
"https://jans.io/oauth/config/attributes.write"
]
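The size effect described above can be measured directly. This is an added example, not part of the original wiki page or the Gluu code base; it compares a JWT carrying the scopes with an opaque reference token. Assumptions: an 8192-byte budget shared by the request line and headers, HS256 signing with a constructed key, and constructed scope and INUM values.

```python
import base64, hashlib, hmac, json, secrets

HEADER_LIMIT = 8192  # assumed budget for request line + headers; deployment-specific

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def make_jwt(scopes, key=b"constructed-demo-key"):
    """Self-contained token: every scope travels inside the signed payload."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url(json.dumps({"sub": "admin", "scopes": scopes}).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url(sig)}"

def make_reference_token():
    """Opaque handle: the scopes stay server-side and are looked up by this value."""
    return secrets.token_urlsafe(32)

def request_size(token, inums):
    """Bytes of the request line plus the Authorization header."""
    line = ("GET /jans-config-api/api/v1/scopes?limit=100&pattern="
            + "%2C".join(inums) + " HTTP/1.1\r\n")
    return len(line) + len(f"Authorization: Bearer {token}\r\n")

def fits(token, inums, limit=HEADER_LIMIT):
    return request_size(token, inums) <= limit

def max_scopes_that_fit(scopes, inums, limit=HEADER_LIMIT):
    """Largest number of scopes a JWT can carry before the request exceeds limit."""
    n = 0
    while n < len(scopes) and fits(make_jwt(scopes[:n + 1]), inums, limit):
        n += 1
    return n

# Constructed sample data, shaped like the scopes and INUMs shown on this page.
SCOPES = [f"https://jans.io/oauth/config/resource{i}.{op}"
          for i in range(43) for op in ("readonly", "write", "delete")]
INUMS = [f"1800.01.{i}" for i in range(1, 93)]

if __name__ == "__main__":
    jwt, ref = make_jwt(SCOPES), make_reference_token()
    for name, tok in (("JWT", jwt), ("reference", ref)):
        print(f"{name:9} token={len(tok):5}B request={request_size(tok, INUMS):5}B "
              f"fits={fits(tok, INUMS)}")
    print("scopes that fit in a JWT:", max_scopes_that_fit(SCOPES, INUMS), "of", len(SCOPES))
```

The base64url encoding alone inflates the JSON payload by about a third, so the JWT grows with every permission mapped to the role, while the reference token stays at a fixed 43 characters.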