Not sure I fully understand.
At the moment an application has scope on all it's own roles. I assume you mean that
you're proposing that it should have a "scope" on all roles a user has?
----- Original Message -----
From: "Bill Burke" <bburke(a)redhat.com>
To: keycloak-dev(a)lists.jboss.org
Sent: Tuesday, 29 July, 2014 4:01:28 PM
Subject: [keycloak-dev] Disable application scope by default?
Should applications (non oauth clients) scope be disabled by default?
This would mean that any roles assigned to the user would be added to
the token.
I just think there will be tons of user questions on why doesn't
keycloak work for their application.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev