[AAE-14184] App key as parameter when fetching roles (#8541)

cspell.json

@@ -5,6 +5,7 @@
     "activiti",
     "adhoc",
     "afts",
+    "appkey",
     "Arial",
     "arrowdown",
     "arrowup",

lib/core/src/lib/auth/services/user-access.service.spec.ts

@@ -155,6 +155,15 @@ describe('UserAccessService', () => {
             expect(getAccessFromApiSpy).toHaveBeenCalledWith({ url: `${fakeIdentityHost}/identity-adapter-service/v1/roles` });
         });
 
+        it('should the url contain appkey if its present in app config', async () => {
+            const fakeIdentityHost = 'https://fake-identity-host.fake.com';
+            appConfigService.config.bpmHost = fakeIdentityHost;
+            appConfigService.config.application.key = 'fake-app-key';
+            await userAccessService.fetchUserAccess();
+
+            expect(getAccessFromApiSpy).toHaveBeenCalledWith({ url: `${fakeIdentityHost}/identity-adapter-service/v1/roles` , queryParams: { appkey: 'fake-app-key' } });
+        });
+
         it('should not fetch the access from the API if is not configured with OAUTH', async () => {
             appConfigService.config.authType = 'BASIC';
             await userAccessService.fetchUserAccess();

lib/core/src/lib/auth/services/user-access.service.ts

@@ -55,7 +55,10 @@ export class UserAccessService {
 
     private async fetchAccessFromApi() {
         const url = `${this.identityHost}/${IDENTITY_MICRO_SERVICE_INGRESS}/v1/roles`;
-        await this.oAuth2Service.get({ url })
+        const appkey = this.appConfigService.get('application.key');
+        const opts = appkey ? { url, queryParams: { appkey } } : { url };
+
+        await this.oAuth2Service.get(opts)
             .pipe(
                 catchError(() => of({
                     globalAccess: {