I have configured WSO2 Identity Server 7.1.0 GA as below:
Created organization (orgA - 23d6071e-e64e-4992-b4fa-607b955af4a6)
Inside the sub-organization I created a user: orgA-user
Is it possible to get a token for orgA-user using methods like the password grant_type, to get a token for a user that is only available in the sub-organization?
I want to create a token using a single API call without browser interaction with authorization_code grant_type
In WSO2 Identity Server 7.1.0, applications created in a root organization—typically B2B SaaS applications that allow users from multiple sub-organizations to log in—are supported only via the authorization_code grant type.
Support for the password grant type in B2B SaaS applications is on the WSO2 IS roadmap.
If your use case involves bypassing the IS-hosted login portal and instead using your own application’s login UI to authenticate users and obtain tokens via APIs, you can implement the app-native login flow as described in this blog:
B2B App Native Authentication Flow with WSO2 Identity Server 7
Note: This flow will be further streamlined in future releases to reduce the number of steps involved.
If you want to skip browser interactions and need back-channel communication, this option can still be used.
Alternatively, if your use case is closer to modeling the application as a third-party client of a sub-organization (rather than a B2B SaaS app owned by the root organization), then the approach documented here is already supported in IS 7.1.0: Organization Applications - WSO2 Identity Server Docs
This allows you to obtain tokens using the password grant type.