Re: [keycloak-dev] Remove admin-url for bearer-only applications

Yes, we should hide scopes and claims. Good catch. On 9/12/2014 11:43 AM, Marek Posolda wrote: > Possible related question is, if bearer-only applications need scopes > and claims? Should we hide "Scopes" and "Claims" tabs in admin console > when editing bearer-only application? > > > On 12.9.2014 14:51, Bill Burke wrote: >> Negative. Bearer-only applications can receive revocation policies. >> i.e. "don't accept tokens before this date". In the future we may want >> to push things like allowed CORS origins, IP blacklists, user >> blacklists, etc. There's also stats we may want to gather from the >> applications. >> >> On 9/12/2014 5:25 AM, Stian Thorgersen wrote: >>> I propose we remove the "Admin URL" field for bearer-only >>> applications. As a bearer-only application doesn't manage any user >>> sessions there's not much point in propagating logouts to those. >>> _______________________________________________ >>> keycloak-dev mailing list >>> keycloak-dev(a)lists.jboss.org >>> https://lists.jboss.org/mailman/listinfo/keycloak-dev >>> >