Use external userstore for username/password verification in the ResourceOwnerPasswordGrant flow? #12311

polsson12 · 2025-10-02T12:41:10Z

polsson12
Oct 2, 2025

Hi,

Is there a way to use external userstore for username/password verification in the ResourceOwnerPasswordGrant flow?
I don't want the username & credentials of the user to be validated against the janssen db, but instead implement the verification of the credentials inside the interception script only by invoking another microservice.

Is it possible to do this?

Currently the request fail to reach the interception script I've created because the username/pw is being validated against janssen db and I cannot figure out of to disable if (if possible).

Help and guidance appreciated.

Thanks in advance,
Phil

Answered by yuriyz

Oct 3, 2025

Did you add this script to client? Table jansClnt, in jansAttrs json should have

{
   ...
   "ropcScripts": "script DN here"
   ...
}

Would it be possible for you to provide the required terraform config?

No, I don't have it

View full answer

yuriyz · 2025-10-02T13:47:40Z

yuriyz
Oct 2, 2025
Maintainer

I think resource_owner_password_credentials custom script should make the trick. You have to return back true and set valid user object

  context.setUser(validUser)
  return True

See

jans/jans-linux-setup/jans_setup/static/extension/resource_owner_password_credentials/resource_owner_password_credentials.py

Line 32 in 5631c09

def authenticate(self, context):

This script authenticates against internal DB but nothing stops from creating user inside that script.

Let us know how it goes.

0 replies

polsson12 · 2025-10-03T10:07:12Z

polsson12
Oct 3, 2025
Author

Hi,

Thanks for the response.

I've looked into that script and also set the script_type to resource_owner_password_credentials .

However, it seems that the custom script is never actually invoked, neither the default LDAP authentication.
What I see from the logs:

java.lang.RuntimeException: User is empty |  
-- | --
  |   | 2025-10-03 11:50:47.170 | jans-auth - 2025-10-03 09:50:47,167 DEBUG [qtp22446425-27] [as.server.token.ws.rs.TokenRestWebServiceValidator] (TokenRestWebServiceValidator.java:208) - Invalid user |  
  |   | 2025-10-03 11:50:47.165 | jans-auth - 2025-10-03 09:50:47,165 DEBUG [qtp22446425-27] [as.server.token.ws.rs.TokenRestWebServiceValidator] (TokenRestWebServiceValidator.java:150) - Get client from session: '<client_id>' |  
  |   | 2025-10-03 11:50:47.165 | jans-auth - 2025-10-03 09:50:47,165 DEBUG [qtp22446425-27] [as.server.token.ws.rs.TokenRestWebServiceImpl] (TokenRestWebServiceImpl.java:514) - Get sessionClient: 'io.jans.as.server.model.session.SessionClient@fa3e3b4' |  
  |   | 2025-10-03 11:50:47.165 | jans-auth - 2025-10-03 09:50:47,165 DEBUG [qtp22446425-27] [as.server.token.ws.rs.TokenRestWebServiceImpl] (TokenRestWebServiceImpl.java:191) - Grant type: 'password'

So the client is successfully authenticated, but the user is never authenticated. I would expect to see something in the logs that is either related to external authentication or LDAP authentication, but I can't see anything. If I understand it correctly the auth decision is taken here:

jans/jans-auth-server/server/src/main/java/io/jans/as/server/token/ws/rs/TokenRestWebServiceImpl.java

Line 521 in 00d7c88

if (externalResourceOwnerPasswordCredentialsService.isEnabled()) {

Can you provide a minimal jans_oidc_client and jans_script config in terraform so that my custom script is invoked?

// Phil

1 reply

yuriyz Oct 3, 2025
Maintainer

set log level to TRACE to see all logs

the user is never authenticated

Correct, it seems script is not invoked. Is it enabled? You can add some logs to script's init method. This will help understand whether script is loaded.

I understand it correctly the auth decision is taken here:

Yes. It seems in your case externalResourceOwnerPasswordCredentialsService.isEnabled() -> false which means there is no any script loaded by AS (script is invalid or not enabled).

polsson12 · 2025-10-03T12:05:02Z

polsson12
Oct 3, 2025
Author

Script seems to be loaded - I see these logs from the init method:

jans-auth - 2025-10-03 12:00:09,562 INFO  [ForkJoinPool.commonPool-worker-1] [ResourceOwnerPasswordCredentials] (Generated:39) - ROPC Script. Initialized

Additionally in the db it says that:
jansEnabled: true, jansSrcError: null
So everything seems to be fine?

still get similar results with log level trace:

jans-auth - 2025-10-03 11:51:18,707 DEBUG [qtp22446425-115] [io.jans.as.model.error.ErrorResponseFactory] (ErrorResponseFactory.java:88) - Found error, id: invalid_client
2025-10-03 13:51:18.707	
jans-auth - 2025-10-03 11:51:18,707 DEBUG [qtp22446425-115] [io.jans.as.model.error.ErrorResponseFactory] (ErrorResponseFactory.java:83) - Looking for the error with id: invalid_client
2025-10-03 13:51:18.707	
	at java.base/java.lang.Thread.run(Thread.java:840) [?:?]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1164) [jetty-util-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1209) [jetty-util-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:979) [jetty-util-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:311) [jetty-util-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.run(AdaptiveExecutionStrategy.java:201) [jetty-util-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:293) [jetty-util-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:443) [jetty-util-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:480) [jetty-util-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53) [jetty-io-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:99) [jetty-io-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:322) [jetty-io-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.server.internal.HttpConnection.onFillable(HttpConnection.java:416) [jetty-server-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.server.internal.HttpChannelState$HandlerInvoker.run(HttpChannelState.java:662) [jetty-server-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.server.Server.handle(Server.java:182) [jetty-server-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:181) [jetty-server-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.server.handler.ContextHandler.handle(ContextHandler.java:1064) [jetty-server-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.nested.ContextHandler$CoreContextHandler$CoreToNestedHandler.handle(ContextHandler.java:2943) [jetty-ee9-nested-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.nested.HttpChannel.handle(HttpChannel.java:511) [jetty-ee9-nested-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.nested.HttpChannel.dispatch(HttpChannel.java:723) [jetty-ee9-nested-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.nested.HttpChannel$RequestDispatchable.dispatch(HttpChannel.java:1564) [jetty-ee9-nested-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.nested.ContextHandler.handle(ContextHandler.java:1719) [jetty-ee9-nested-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.nested.ScopedHandler.handle(ScopedHandler.java:125) [jetty-ee9-nested-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.nested.ContextHandler.doScope(ContextHandler.java:966) [jetty-ee9-nested-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.nested.ScopedHandler.nextScope(ScopedHandler.java:162) [jetty-ee9-nested-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.nested.SessionHandler.doScope(SessionHandler.java:589) [jetty-ee9-nested-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.nested.ScopedHandler.nextScope(ScopedHandler.java:162) [jetty-ee9-nested-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.servlet.ServletHandler.doScope(ServletHandler.java:483) [jetty-ee9-servlet-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.nested.ScopedHandler.nextScope(ScopedHandler.java:164) [jetty-ee9-nested-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.nested.ContextHandler.doHandle(ContextHandler.java:1045) [jetty-ee9-nested-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.nested.ScopedHandler.nextHandle(ScopedHandler.java:195) [jetty-ee9-nested-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.nested.SessionHandler.doHandle(SessionHandler.java:612) [jetty-ee9-nested-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.nested.ScopedHandler.nextHandle(ScopedHandler.java:197) [jetty-ee9-nested-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.nested.HandlerWrapper.handle(HandlerWrapper.java:124) [jetty-ee9-nested-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.security.SecurityHandler.handle(SecurityHandler.java:603) [jetty-ee9-security-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.nested.ScopedHandler.handle(ScopedHandler.java:127) [jetty-ee9-nested-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.servlet.ServletHandler.doHandle(ServletHandler.java:526) [jetty-ee9-servlet-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1638) [jetty-ee9-servlet-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.servlet.FilterHolder.doFilter(FilterHolder.java:202) [jetty-ee9-servlet-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.websocket.servlet.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:196) [jetty-ee9-websocket-servlet-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1638) [jetty-ee9-servlet-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.servlet.FilterHolder.doFilter(FilterHolder.java:202) [jetty-ee9-servlet-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at io.jans.as.server.auth.AuthenticationFilter.doFilter(AuthenticationFilter.java:232) [classes/:?]
2025-10-03 13:51:18.707	
	at io.jans.as.server.auth.AuthenticationFilter.processPostAuth(AuthenticationFilter.java:536) [classes/:?]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1638) [jetty-ee9-servlet-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.servlet.FilterHolder.doFilter(FilterHolder.java:210) [jetty-ee9-servlet-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at io.jans.as.server.audit.debug.ServletLoggingFilter.doFilter(ServletLoggingFilter.java:69) [classes/:?]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1638) [jetty-ee9-servlet-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.servlet.FilterHolder.doFilter(FilterHolder.java:202) [jetty-ee9-servlet-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at io.jans.as.server.filter.CorsFilter.doFilter(CorsFilter.java:116) [classes/:?]
2025-10-03 13:51:18.707	
	at io.jans.server.filters.AbstractCorsFilter.doFilter(AbstractCorsFilter.java:123) [jans-core-server-1.9.0.jar:?]
2025-10-03 13:51:18.707	
	at io.jans.server.filters.AbstractCorsFilter.handleNonCORS(AbstractCorsFilter.java:357) [jans-core-server-1.9.0.jar:?]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1638) [jetty-ee9-servlet-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.servlet.FilterHolder.doFilter(FilterHolder.java:202) [jetty-ee9-servlet-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at io.jans.as.server.filter.CorrelationIdFilter.doFilter(CorrelationIdFilter.java:45) [classes/:?]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1638) [jetty-ee9-servlet-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.servlet.FilterHolder.doFilter(FilterHolder.java:202) [jetty-ee9-servlet-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at io.jans.as.server.filter.HeadersFilter.doFilter(HeadersFilter.java:36) [classes/:?]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1668) [jetty-ee9-servlet-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at org.eclipse.jetty.ee9.servlet.ServletHolder.handle(ServletHolder.java:765) [jetty-ee9-servlet-12.0.19.jar:12.0.19]
2025-10-03 13:51:18.707	
	at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:587) [jetty-jakarta-servlet-api-5.0.2.jar:?]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) [resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:55) [resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:222) [resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:229) [resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:157) [resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:321) [resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:154) ~[resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:240) ~[resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:429) ~[resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:70) ~[resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:356) ~[resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:378) ~[resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:415) ~[resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:321) ~[resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$2(ResourceMethodInvoker.java:413) ~[resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:452) ~[resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:560) ~[resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:118) ~[resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:154) ~[resteasy-core-6.2.12.Final.jar:6.2.12.Final]
2025-10-03 13:51:18.707	
	at java.base/java.lang.reflect.Method.invoke(Method.java:569) ~[?:?]
2025-10-03 13:51:18.707	
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
2025-10-03 13:51:18.707	
	at jdk.internal.reflect.GeneratedMethodAccessor228.invoke(Unknown Source) ~[?:?]
2025-10-03 13:51:18.707	
	at io.jans.as.server.token.ws.rs.TokenRestWebServiceImpl$Proxy$_$$_WeldClientProxy.requestAccessToken(Unknown Source) ~[classes/:?]
2025-10-03 13:51:18.707	
	at io.jans.as.server.token.ws.rs.TokenRestWebServiceImpl.requestAccessToken(TokenRestWebServiceImpl.java:221) ~[classes/:?]
2025-10-03 13:51:18.707	
	at io.jans.as.server.token.ws.rs.TokenRestWebServiceImpl.processROPC(TokenRestWebServiceImpl.java:261) ~[classes/:?]
2025-10-03 13:51:18.707	
	at io.jans.as.server.token.ws.rs.TokenRestWebServiceValidator.validateUser(TokenRestWebServiceValidator.java:208) ~[classes/:?]
2025-10-03 13:51:18.707	
java.lang.RuntimeException: User is empty
2025-10-03 13:51:18.707	
jans-auth - 2025-10-03 11:51:18,703 DEBUG [qtp22446425-115] [as.server.token.ws.rs.TokenRestWebServiceValidator] (TokenRestWebServiceValidator.java:208) - Invalid user
2025-10-03 13:51:18.702	
jans-auth - 2025-10-03 11:51:18,702 TRACE [qtp22446425-115] [io.jans.as.server.service.SessionIdService] (SessionIdService.java:885) - SessionId from cookie:
2025-10-03 13:51:18.702	
jans-auth - 2025-10-03 11:51:18,702 TRACE [qtp22446425-115] [jans.as.model.crypto.binding.TokenBindingMessage] (TokenBindingMessage.java:62) - TokenBindingMessage present: false, rpCnfKey: null
2025-10-03 13:51:18.701	
jans-auth - 2025-10-03 11:51:18,701 DEBUG [qtp22446425-115] [as.server.token.ws.rs.TokenRestWebServiceValidator] (TokenRestWebServiceValidator.java:150) - Get client from session: '<client_id>'
2025-10-03 13:51:18.701	
jans-auth - 2025-10-03 11:51:18,701 DEBUG [qtp22446425-115] [as.server.token.ws.rs.TokenRestWebServiceImpl] (TokenRestWebServiceImpl.java:514) - Get sessionClient: 'io.jans.as.server.model.session.SessionClient@37384766'
2025-10-03 13:51:18.701	
jans-auth - 2025-10-03 11:51:18,701 DEBUG [qtp22446425-115] [as.server.token.ws.rs.TokenRestWebServiceImpl] (TokenRestWebServiceImpl.java:191) - Grant type: 'password'

Would it be possible for you to provide the required terraform config?

3 replies

yuriyz Oct 3, 2025
Maintainer

Did you add this script to client? Table jansClnt, in jansAttrs json should have

{
   ...
   "ropcScripts": "script DN here"
   ...
}

Would it be possible for you to provide the required terraform config?

No, I don't have it

Answer selected by polsson12

polsson12 Oct 3, 2025
Author

It actually seems that the list of ropcScripts for the client is empty. How do I add it to the list?

yuriyz Oct 3, 2025
Maintainer

Use TUI or modify it in DB directly.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Use external userstore for username/password verification in the ResourceOwnerPasswordGrant flow? #12311

Uh oh!

{{title}}

Uh oh!

Replies: 3 comments 4 replies

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Use external userstore for username/password verification in the ResourceOwnerPasswordGrant flow? #12311

Uh oh!

polsson12 Oct 2, 2025

Replies: 3 comments · 4 replies

Uh oh!

yuriyz Oct 2, 2025 Maintainer

Uh oh!

polsson12 Oct 3, 2025 Author

Uh oh!

yuriyz Oct 3, 2025 Maintainer

Uh oh!

polsson12 Oct 3, 2025 Author

Uh oh!

yuriyz Oct 3, 2025 Maintainer

Uh oh!

polsson12 Oct 3, 2025 Author

Uh oh!

yuriyz Oct 3, 2025 Maintainer

polsson12
Oct 2, 2025

Replies: 3 comments 4 replies

yuriyz
Oct 2, 2025
Maintainer

polsson12
Oct 3, 2025
Author

yuriyz Oct 3, 2025
Maintainer

polsson12
Oct 3, 2025
Author

yuriyz Oct 3, 2025
Maintainer

polsson12 Oct 3, 2025
Author

yuriyz Oct 3, 2025
Maintainer