Merge pull request #4769 from indeewari/resend_code_doc_update_5_10

indeewari · web-flow · commit 6eddd8cc6ded · 2025-01-09T12:18:23.000+05:30
[5.10] Adding permission for resend-code endpoint at toml level
diff --git a/en/identity-server/5.10.0/docs/develop/using-the-self-sign-up-rest-apis.md b/en/identity-server/5.10.0/docs/develop/using-the-self-sign-up-rest-apis.md
@@ -6,3 +6,19 @@
 
 !!! info "Related Links" 
     For information on self-registration via the UI instead, see [Self-Registration and Account Confirmation](../../learn/self-registration-and-account-confirmation).
+
+## Enhance default permissions for the resend-code endpoint.
+
+The [resend-code endpoint](https://api-docs.wso2.com/apidocs/is/is510/self-registration/#!/operations#SelfRegister#resendCodePost) of the self sign-up rest APIs is used to resend the confirmation code to an authenticated user. While no scopes are required to invoke this API by default, we recommend restricting access to this endpoint using scopes, before deploying to production.
+
+To do so, add the following configurations to the `<IS_HOME>/repository/conf/deployment.toml` file
+
+
+```toml
+[resource.access_control]
+context = "(.*)/api/identity/user/v1.0/resend-code(.*)"
+secure = "true"
+http_method = "all"
+permissions=["/permission/admin/manage/identity/identitymgt"]
+scopes=["internal_identity_mgt_view","internal_identity_mgt_update","internal_identity_mgt_create","internal_identity_mgt_delete"]
+```
