Add cloud_controller.admin_read_only to admin

These are the groups that can be requested by the admin user when authenticating via UAA. Each UAA client is configured to allow requests for a set of scopes. Currently, if the admin user authenticates via a UAA client with the `cloud_controller.admin_read_only` scope it will not have that scope in the token.
alphagov · Dec 7, 2017 · 72c47eb · 72c47eb
1 parent e71bb58
commit 72c47eb
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/manifests/cf-manifest/manifest/020-cf-properties.yml b/manifests/cf-manifest/manifest/020-cf-properties.yml
@@ -422,6 +422,7 @@ properties:
             - scim.invite
             - openid
             - cloud_controller.admin
+            - cloud_controller.admin_read_only
             - doppler.firehose
       groups:
         cloud_controller.global_auditor: 'Global Auditor read only group'