Sorry to veer off topic and onto general usability, but this brings up
something I've been meaning to mention for awhile.
I'm sure that I don't understand all the use cases very well, but I can
attest that the whole "scope" thing is rather confusing. From the UI, it
was never clear to me what "Scope" actually did. I never seemed to need
it so I never read the doco on it. Now I've read "Permission Scopes"
section of the doc and I still don't understand. I'd probably have to
read it a few more times to really get it.
I suggest that you add a short sentence to each screen that explains
what the screen is for. That would improve usability tremendously.
There are many other places where a few words would improve
understanding. For instance, what does "Direct Grant API" mean? I
shouldn't have to look it up in the doc to find out.
Stan
On 7/29/2014 11:40 AM, Stian Thorgersen wrote:
Other than potentially larger tokens I don't see any issue with
that.
Although, lately I've been thinking that only having a single list of roles for a
realm would be simpler, instead of realm roles and application roles. We could still
provide some form of a hierarchy using '/' for example 'myapp/admin'.
It's a pretty big shift, but I think it would remove a lot of confusion.
----- Original Message -----
> From: "Bill Burke" <bburke(a)redhat.com>
> To: "Stian Thorgersen" <stian(a)redhat.com>
> Cc: keycloak-dev(a)lists.jboss.org
> Sent: Tuesday, 29 July, 2014 4:27:02 PM
> Subject: Re: [keycloak-dev] Disable application scope by default?
>
>
>
> On 7/29/2014 11:07 AM, Stian Thorgersen wrote:
>> Not sure I fully understand.
>>
>> At the moment an application has scope on all it's own roles. I assume you
>> mean that you're proposing that it should have a "scope" on all
roles a
>> user has?
>>
> Yes exactly.
>
> --
> Bill Burke
> JBoss, a division of Red Hat
>
http://bill.burkecentral.com
>
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev