queryFilter IDM 403 No Matching Privilege Found

I created a new internal role to allow users to run searches via the API against themselves, along with roles / applications in IDM. When doing a search against the role or applications object, if I do a direct search using the /managed/<role|application>/ I get a return. But when I run a search against the object with a queryFilter parameter, I get an error with 403, unauthorized, no matching privilege found. Is there a specific privilege that is needed to allow an API request to use the queryFilter parameter?

Nick

Hi,
Does the queryFilter refer to an attribute that’s not readable by the role’s permissions?

I ended up figuring out what this was, but thanks for the response. It had to do with the _id attribute not being in the list of available / read attributes so had to patch the to allow it.

Nick

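A pre-flight check for the cause identified in this thread, added here as an example (it is not code from the posters or from IDM): it lists the attributes a queryFilter compares on that a privilege's read attributes do not include. It assumes the internal-role privilege layout of `path`, `permissions` and `accessFlags` entries with `attribute`/`readOnly`; the sample privilege, its name, and the simplified filter parsing are constructed for illustration.

```python
import re

# Constructed sample privilege, shaped like an IDM internal-role privilege
# (assumed layout: path, permissions, accessFlags[{attribute, readOnly}]).
PRIVILEGE = {
    "name": "view-roles",  # hypothetical name
    "path": "managed/role",
    "permissions": ["VIEW"],
    "accessFlags": [
        {"attribute": "name", "readOnly": True},
        {"attribute": "description", "readOnly": True},
    ],
}

# Comparison operators of the query filter grammar.
_OPS = r"eq|co|sw|lt|le|gt|ge|pr"
# A field is an optional leading "/" plus a pointer-like path, then an operator.
_FIELD = re.compile(r"/?([A-Za-z_][\w/]*)\s+(?:%s)\b" % _OPS)
# Quoted literals, single or double, with backslash escapes.
_STRING = re.compile(r'"(?:\\.|[^"\\])*"|\'(?:\\.|[^\'\\])*\'')


def filter_attributes(query_filter):
    """Return the top-level attribute names a queryFilter compares on."""
    # Blank out quoted values so text such as "x eq y" is not read as a field.
    stripped = _STRING.sub('""', query_filter)
    return {m.group(1).split("/")[0] for m in _FIELD.finditer(stripped)}


def unreadable_attributes(privilege, query_filter):
    """Attributes used in the filter that accessFlags does not list."""
    readable = {flag["attribute"] for flag in privilege.get("accessFlags", [])}
    return sorted(filter_attributes(query_filter) - readable)


if __name__ == "__main__":
    for qf in ('_id eq "abc"', 'name sw "adm"'):
        print(qf, "->", unreadable_attributes(PRIVILEGE, qf))
```

An empty result means every attribute in the filter is covered by the privilege; a non-empty one names the attributes to add to the privilege's read list before the query is sent.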